Manage Learn to apply best practices and optimize your operations.

Is there a best practice for monitoring and detecting foreign wireless devices

In this Ask the Expert Q&A, Mike Chapple, SearchSecurity's resident network security expert recommends tools and tactics organizations can use to monitor and detect foreign wireless devices.

Until we're comfortable with wireless security, our company has a "no wireless on site" policy (with the exception of Admin testing). Without connecting a wireless device to our hardwired network, is there a recommended means for continuous monitoring/detecting of "foreign" wireless devices brought on site by either employees or guests? (I won't rule out a standalone PC with a wireless card.)
Rouge wireless access points certainly present an interesting challenge for security professionals. The combination of ubiquitous network jacks and extremely inexpensive wireless hardware simply make it too easy for an employee to set up his or her own "private" wireless network to do "what those IT guys won't handle."

If your company is of relatively limited size and it's practical to walk around every once in a while, you might want to use the RF scanning approach. There's a free product called NetStumbler available to assist you with this task.

There are also various products that claim to perform rouge access point detection from the wired network. I've never worked with any of these personally, but you might want to try looking at the WiSentry product. One of the biggest advantages of this approach is that you'll be able to detect activity from access points that don't broadcast their SSIDs. Tools like NetStumbler are unable to detect these sneaky APs.

This was last published in April 2006

Dig Deeper on Wireless network security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.