New tools and features from two manufacturers of wireless security software will help network administrators sniff out rogue wireless systems and spot attacks that spread over wireless links.
AirDefense Inc. and Newbury Networks Inc. each announced software in the past two weeks that gives administrators new ways to inventory authorized wireless devices; spot attacks; and even spot rogue devices lurking in unsuspected places, a process known as wardriving.
AirDefense, of Atlanta, unveiled AirDefense Mobile, a WLAN (wireless LAN) analyzer that spots wireless devices using the 802.11a, b or g protocols.
The software runs on any Microsoft Corp. Windows 2000 or Windows XP system. Administrators use the software to scan their networks for wireless activity and devices, correlating access points that it spots with a list of authorized devices and flagging rogue devices.
Bob Isaacs, a contractor for technology consultant Booz Allen Hamilton Inc., in McLean, Va., said AirDefense Mobile allowed him to wardrive U.S. Army facilities where Booz Allen provides computer support. The Army prohibits wireless devices at those facilities because they are used to process classified information. AirDefenses technology is used to enforce the wireless ban.
Isaacs said AirDefense Mobile, which retails for $995, is superior to free tools such as NetStumbler because it can spot wireless access points that are not broadcasting their presence using an SSID (service set identifier).
WiFi Watchdog 5.0, from Newbury Networks, is server software that uses location technology and behavior patterns for intrusion prevention and detection, client protection, and containment of rogue access points.
Location technology helps eliminate false positives in intrusion detection, differentiating a true rogue access point in a client company from an unsecured access point in an adjacent office, said officials at the Boston company. WiFi Watchdog 5.0 classifies the type of attack and identifies the physical location of the source of the attack, officials said.
“If a neighbor has a rogue, the system monitors it but only alerts you if one of your clients tries to connect to it,” said Brian Wangerien, director of product management at Newbury Networks.
WiFi Watchdog 5.0 will be out in an early release at the end of the summer and commercially available in September. Pricing starts at $14,995.