Make drive-by hackers a thing of the past...
By Pia Heikkila
Published: 6 March 2002 14:20 GMT
Recent surveys have revealed the increasing threat of hackers getting access to wireless local area networks (WLANs).
This type of hacking activity is also known as "drive-by" hacking. Attacks come from hackers driving around in dense WLAN areas, such as the City of London, with home-made code cracking kits looking for vulnerable wireless networks.
silicon.com has teamed up with wireless security consultancy Orthus, to put together the 10 best tips to keep those drive-by hackers at bay.
1. Use directional antennae to avoid excessive spreading of the signal. Signals can emanate many hundreds of feet!
2. Change the default password on the access point (AP). As most freeware scanning software can quickly suss out the default password it is vital that the password is changed.
3. Always use wired equivalent privacy (WEP). While WEP is not automatically secure it does at very least act as a barrier.
4. Ensure the WLAN is on a separate network or firewalled interface. Treat the WLAN as a semi-untrusted network.
5. Install a personal firewall on all systems using WiFi (The wireless protocol). Many new laptops are being shipped with inbuilt WiFi cards which means your system may be remotely accessible without the protection of firewall.
6. Perform regular external WLAN audits with a scanning tool. Check for the introduction of unauthorised APs to the network.
7. Perform regular internal WLAN audits. Additionally, check for the introduction of unauthorised wireless cards and APs that maybe used for illegal file sharing.
8. Administration of wireless networks is important! Administration should be conducted via secure encrypted sessions. Make sure you are using SSL (secure socket layer) and VPN authenticated sessions that protect the administrator password when doing this.
9. Maintain audit logs of who is using the WLAN. Audit them regularly to identify unauthorised access and internal abuse of the network.
10. Assess the information passing over the wireless networks. Consider the sensitivity and lifetime of data passing over the wireless network. Is it covered by the Data Protection Act?
And remember - wireless networks should always be treated as public networks!
Want to find out more about wireless security? Don't forget to check out our Cheat Sheet on Mobile Security - http://www.silicon.com/a51322
Performing site survey Design tools Heat map generation Configuration of controllers in converged environment Must have knowledge of POS, WLAN ...
Configure and maintain eMail systems and gateways - including database optimisation, create/delete users, monitor traffic, password allocation. ...
Network Engineer- London- Financial Services- Cisco Routers and Switches, Firewalls, Checkpoint FireWall, F5 LTM and GTM, Bluecoat Proxy Servers, ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business