Freeware detects insecure wireless networks

Wireless networking has become a convenient way to connect computers without the hassle of running cable between machines. But if it's not properly secured, it can be a loophole through which crackers can hijack free network access.

Network Stumbler, or NetStumbler as it's more commonly called, is a free utility that can help a network administrator determine if one or more wireless networks in the organization is insecure or just lacking in signal strength. It works with 802.11b/a/g networks on Windows and will continue to be upgraded as changes in wireless network protocols and standards evolve.

When you launch the program, the first thing it does is try to disable the Wireless Zero Configuration Service, since the service must be disabled to give the program direct access to the wireless card's configuration. The program then attempts to scan all channels on all available wireless devices and retrieve what networks are available on each.

If you click on the name of a discovered network, the program displays a graph that shows the signal strength of the network in question. The graph, which is updated regularly, shows signal readings as well as noise readings. If a network is weak in a particular area, this feature helps determine if that is because of interference from other radio sources or simply a lack of strength on the part of the transmitter.

More Information Sign up to receive free information security downloads Learn how to create a VPN for your wireless network. Visit our wireless architecture resource center  for news, tips and expert advice.

The "Filters" tree in the program's left-hand pane lets you filter the discovered networks by various parameters. For instance, with the "Encryption Off" filter, you see all networks that are not using encryption, which provides a quick way to see if a given network is not secured. Likewise, the "ESS (AP)" filter lets you see all access points with publicly available names – another common security problem, since a network with a publicly broadcast name can be easily infiltrated.

About the author

Serdar Yegulalp is editor of the Windows Power Users Newsletter.

This tip originally appeared on SearchWinSystems.com

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. BROWSE BY TAG Network Security Tactics,   Wireless Network Security: Setup and Tools,   Wireless LAN Design and Setup,   Enterprise Network Security,   VIEW ALL TAGS Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Network Security Tactics How to keep networks secure when deploying an 802.11n upgrade Screencast: Find rogue wireless acess points with Vistumbler How to prepare for a secure network hardware upgrade Preventing SQL injection attacks: A network admin's perspective Screencast: How to launch an OpenVAS scan Wireless network guidelines for PCI DSS compliance Aligning network security with business priorities Scanning with N-Stalker offers basic Web application security assessment Lifecycle of a network security vulnerability Screencast: BackTrack 4 offers an arsenal of penetration testing tools Wireless LAN Design and Setup Wireless network guidelines for PCI DSS compliance Best Wireless Security Products How to prevent wireless DoS attacks Lesson 4 quiz: How to use wireless IPS Wireless intrusion prevention systems: Overlay vs. embedded sensors Rogue AP containment methods How to monitor WLAN performance with WIPS The role of VPN in an enterprise wireless network Wireless AP placement basics Lesson 3 quiz: Who goes there? Wireless LAN Design and Setup Research RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary evil twin  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.