Patrolling Wireless Networks

The Sasser worm basically fizzled, and I think that so far, its variants are little more than a nuisance. But that could change in the future. We'll have to wait and see. In any event, it's a certainty that someone with misconnected neurons will unleash yet another worm on the unsuspecting public before people have had time to install the most recent patches and fix any problems with them. Gee, I can hardly wait. In the meantime, other matters need attending to. For example, what's the state of your wireless security?

If you subscribe to "Windows & .NET Magazine," you've probably received the May issue, which includes "A Secure Wireless Network Is Possible," an informative article by Randy Franklin Smith. Subscribers can also read the article at the URL below. In the article, Smith points out that, "Wireless networks can be secure if you use the right technologies. To add a secure wireless network to an existing Windows network, all you need to do is install one or more 802.1x-compliant wireless Access Points (APs) and one computer running Windows Server 2003. The Windows 2003 server will facilitate 802.1x authentication between your wireless clients and your existing Windows network. Your users will be able to gain access to your wireless network simply by using their existing Windows user accounts."

If you have wireless equipment and Windows Server 2003, consider implementing the suggestions in the article. Also consider what might happen if someone plugs in a wireless AP without your knowledge or someone (inadvertently or not) configures his or her wireless network card to operate in ad-hoc mode. In either case, your network would suddenly gain a security hole that you might not want to leave open. Another problem arises when unwanted wireless clients come within broadcast range of your wireless gear.

Solutions are available to monitor the airwaves against unwanted access points and unknown wireless clients, a few of which are AirDefense, AirMagnet, and Red-M's Red-Detect. These are hardware-based solutions that can quickly identify broadcasting APs and clients, help prevent unwanted wireless connectivity, detect various types of wireless network attacks, and more.

I'm in the process of reviewing these three products for an upcoming edition of "Windows & .NET Magazine." I wonder if you use one of these solutions or maybe another solution? If so, I'm interesting in learning what you think about it and what your experiences have been to date. Please send me an email with your detailed thoughts about these products or whichever solution you might use. And please prefix your message subject with "WIFI:" so that I can more easily find your responses among the junk mail.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.