This article can also be found in the Premium Editorial Download "Information Security magazine: Top forensics tools for tracking down cybercriminals."
Download it now to read this article plus other related content.
Defend the Airwaves
The public nature of RF spectrum, on which 802.11 networks operate, poses challenges exclusive to wireless networks. Early wireless networks gave rise to war drivers and postings online of wide-open WLANs, complete with GPS coordinates. Continuous monitoring is needed to detect attacks and any abnormal RF propagation patterns.
Sometimes the problem is internal. Employees who transfer large files, misconfigured access points and clients, and RF interference from non-802.11 devices such as wireless telephones, remote cameras, even microwave ovens, can all interfere with the smooth operation of a WLAN. Inadvertent associations--such as an employee in the office next-door or a customer carrying a Wi-Fi enabled PDA--need to be distinguished from attackers.
Companies like AirTight Networks, AirDefense, AirMagnet, Newbury Networks, Network Chemistry and Bluesocket have developed wireless IDS/IPS systems with advanced RF-monitoring and blocking capabilities.
For smaller organizations, many wireless routers have built-in firewalling capabilities. They also can use network-monitoring tools, such as NetStumbler.
Using more than one tool for monitoring wireless (and wired) networks also helps security professionals fend off potential attacks. In addition to relying on his SonicWALL devices to automatically detect problems on Mortgage Financial's wireless network, Beaupre uses Ipswitch's WhatsUp Gold Premium, along with Denika Performance
No One Answer
There is no silver bullet when it comes to wireless security. Security pros are constantly wrestling with security versus usability within their organizations, and it's up to you to find a workable solution that fulfill both needs. Wireless security continues to mature, offering organizations the flexibility to further their business goals.
This was first published in December 2005