- CNET NETWORKS UK BUSINESS SITES:
- atlarge.com
- BNET UK
- silicon.com
- SmartPlanet.com
- ZDNet.co.uk
Make drive-by hackers a thing of the past...
By Pia Heikkila
Published: 6 March 2002 14:20 GMT
Recent surveys have revealed the increasing threat of hackers getting access to wireless local area networks (WLANs).
This type of hacking activity is also known as "drive-by" hacking. Attacks come from hackers driving around in dense WLAN areas, such as the City of London, with home-made code cracking kits looking for vulnerable wireless networks.
silicon.com has teamed up with wireless security consultancy Orthus, to put together the 10 best tips to keep those drive-by hackers at bay.
1. Use directional antennae to avoid excessive spreading of the signal. Signals can emanate many hundreds of feet!
2. Change the default password on the access point (AP). As most freeware scanning software can quickly suss out the default password it is vital that the password is changed.
3. Always use wired equivalent privacy (WEP). While WEP is not automatically secure it does at very least act as a barrier.
4. Ensure the WLAN is on a separate network or firewalled interface. Treat the WLAN as a semi-untrusted network.
5. Install a personal firewall on all systems using WiFi (The wireless protocol). Many new laptops are being shipped with inbuilt WiFi cards which means your system may be remotely accessible without the protection of firewall.
6. Perform regular external WLAN audits with a scanning tool. Check for the introduction of unauthorised APs to the network.
7. Perform regular internal WLAN audits. Additionally, check for the introduction of unauthorised wireless cards and APs that maybe used for illegal file sharing.
8. Administration of wireless networks is important! Administration should be conducted via secure encrypted sessions. Make sure you are using SSL (secure socket layer) and VPN authenticated sessions that protect the administrator password when doing this.
9. Maintain audit logs of who is using the WLAN. Audit them regularly to identify unauthorised access and internal abuse of the network.
10. Assess the information passing over the wireless networks. Consider the sensitivity and lifetime of data passing over the wireless network. Is it covered by the Data Protection Act?
And remember - wireless networks should always be treated as public networks!
Want to find out more about wireless security? Don't forget to check out our Cheat Sheet on Mobile Security - http://www.silicon.com/a51322
This will require ensuring security reminders are put in unit communications, security awareness sessions are presented to communication events on a ...
Technical expertise in: - TETRA - analogue and digital - radio frequency planning - WiFi - WiMax - fixed wireless networks - 3G and 2G networks - ...
Responsibility for maintaining the integrity of the networks (i.e.providing adequate protection from viruses, spam, hacking, compliance with the Data ...
CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
RSS Feeds
Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…
Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...