Make sure your wireless network can't be sniffed, warns DataPro
By Gary Sweidan

As wireless networks are becoming more popular, companies need to understand that they also need to be protected from intrusions because people with the right technology will be able to gain access to their networks, said Gary Sweidan, operations director of premier Internet service provider (ISP), DataPro.

One of the biggest problems, said Sweidan, is the capability of the people with the right technology to detect, or 'sniff', a wireless network.

The really alarming thing is that many of the tools required to hack into wireless networks are freely available on the Internet. There have even been press articles, which have talked about these tools, telling the reader where to find them on the Internet. But while there are risks inherent in running a wireless network - just like a physical one - we clearly have to accept that they are going to become more popular. The same security procedures, therefore, need to be taken - just as for a 'normal' network.

Sweidan said any sensitive information carried over a wireless network must, therefore, be protected by an appropriate form, and level, of encryption to protect against 'wireless eavesdropping'.

Network administrators might often wonder how close the perpetrators need to be to the wireless network to hack into it. Sweidan said that while the range of detection - and of actually data theft - can be limited to only a few meters by the small antennas or aerials built into the wireless LAN card, some models these days are provided with an external antenna connector which enables this range to be increased to several hundred meters and, in some instances, even kilometres.

Another problem faced by users of wireless networks is the advent of spoofing. This is where Internet hackers set up rogue wireless devices to ply their trade. The idea here is for the hacker to get legal or authorised users to connect unwittingly to the rogue, or false, network. This means there is no security whatsoever, and, as the authorised user is duped into connecting to the rogue network sensitive information can be effortlessly gleaned by the hacker.

There are ways to safeguard against this. One way, he explained, is to ensure that users modify their own default settings. In fact, SSID settings on a network should be regarded as the first level of security when it comes to wireless networks. Although the SSID, on its own, is not the ultimate panacea for wireless network security - and will not completely protect the network from unwanted intrusion - by cleverly configuring the SSID, hacking into your network will become a lot harder.

Sweidan said when it comes to network security the issue of money always crops up. With enough money networks can be made very safe. But not every company has millions of rands to throw at network security - even if the directors or management clearly recognise the importance of high-level network security.

But businesses with heavy network needs - and with enough money - can certainly consider installing a virtual private network (VPN). A VPN can be implemented with very high levels of network security; but they are naturally only advisable where a company, or corporation, has a number of office locations around the country.

It must also be remembered that hackers are not always malicious. They are not always out to do damage. Often they are just bored teenagers or students with a high level of technical skills - and who just enjoy gaining access to networks and Web sites. This notwithstanding, every now and again, a hacker might just get nasty and steal information for his own ends - or may be employed to get involved in industrial espionage. To be utterly safe, one should ensure that your level of network security is not only appropriate for your business requirements - and budget - but that it is aligned to protect you from the worst case scenario.




--------------------------------------------------------------------------------

itweb
Article printout from ITWeb courtesy of Lexmark South Africa.
Copyright © 1996-2003 ITWeb Limited