Thursday, April 10, 2008

Know what's happening in your wireless network?

Network Scanning: Find Out What’s Really on Your Wireless Network
By John Edwards

If you've never used a wireless network scanner, you may be surprised by what it can tell you about your network and the data that lies within its reach.
A growing number of businesses are deploying 802.11 wireless networks for both internal use and public access. Regardless of the network's purpose and configuration, a wireless network scanner is necessary for assuring its continued operation and security. Popular open-source wifi network scanners include NetStumbler and Kismet. These products, and most other network scanners, can help you learn the following things about your wireless network.

Overall Vulnerability: Network scanners are often used in conjunction with a laptop or other portable computer to sniff out wireless networks from a moving vehicle — a practice known as wardriving. Performing the same activity while strolling down a street or through a business site is called warwalking. There's also warbiking, warskating and probably war-go-karting happening as well. In any event, while you yourself may never use a network scanner for wardriving or similar activities, you can be certain that other people are doing so in order to test your network's availability, size and configuration, as well as its potential vulnerability.

NetStumbler and some other network scanners work actively, sending messages that are designed to probe any encountered access point for information, such as its SSID (service set identifier), MAC (machine access code) numbers and the name of the network it's connected to. If your network is secure, you have nothing to worry about. If, on the other hand, you suspect that your network may be vulnerable to intruders through the lack of security measures, you may want to perform your own wardrive in order to check for potential soft spots (such as improperly configured access points that allow unrestricted network access or those that spew too much identification information). Vendors such as AirMagnet Inc. and Aruba Networks Inc. offer technologies that are designed to lock down wireless networks.

The Presence of Rogue Access Points: This is perhaps the most useful network-scanner application. A rouge access point is an access point that exists without permission of the wireless network's administrator. Rogue access points are often installed by employees to create stealth wireless networks that circumvent security measures installed on the company wireless network. A network scanner lets you sniff out, pinpoint and eradicate unauthorized access points.

Criminals can also install a rogue access point within the range of a company wireless network to hijack the connections of legitimate users. The crooks can then use the connections to eavesdrop on transmitted information and potentially even gain entry to the company's main internal network.

Hardware Problems: A network scanner is indispensable for checking the state of wireless network hardware, particularly access points. By measuring signal strength, the scanner can help you quickly identify access points that are inoperative or performing poorly.

The Location of Weak and Dead Spots:
Network coverage can be impaired by walls, trees and a variety of other man-made and natural objects. A network scanner can help you locate poor coverage areas, which can then be bolstered with additional access points.

The Sources of Wireless Interference: Wireless networks are subject to interference from neighboring 802.11 installations, as well as from a variety of consumer and business technologies, including cordless phones, motors and various types of industrial equipment. By showing signal strength as you move about, a network scanner can help you track down interference sources that generate signals on the same frequency as the wireless network.

Improperly Aimed Directional Antennas Used for Long-Haul Connections: Many companies use point-to-point wireless connections to link together 802.11 hotspots across a business campus or other geographical site. Aiming directional antennas requires precise adjustments to ensure continuous connectivity and maximum performance. By measuring signal strength, a network scanner makes antenna aiming a faster, more exact and less troublesome task.

Source: ITSecurity

No comments: