Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Mobile

    Sniffing Out Rogue Wireless Lans

    By
    Anne Chen
    -
    May 6, 2002
    Share
    Facebook
    Twitter
    Linkedin

      With the price of 802.11b wireless access points dropping fast, its not surprising that unsanctioned WLAN connections are popping up like weeds on corporate networks.

      Thats a problem for network managers because most wireless LANs that are based on the 802.11x standard lack built-in security, leaving corporate networks open to potential hacking.

      As a result, many IT managers are spending just as much time and effort trying to keep WLAN technology out of the enterprise as they are figuring out when, why and how to deploy it for internal use. For many organizations, that means using security tools such as sniffers and technologies such as VPNs (virtual private networks) to locate “rogue” WLAN connections and keep them off the corporate network. In the long run, many see no alternative but to adopt, communicate and enforce a WLAN security policy even if management has no official plans to use the technology.

      Many enterprises are in danger of spending millions of dollars securing their wired network only to risk exposing sensitive data via rogue WLANs, experts say. In fact, Gartner Inc. recently estimated that at least 20 percent of enterprises already have rogue WLANs attached to their networks. In addition, Gartner predicts that by the end of this year, 30 percent of enterprises will suffer serious exposures from deploying WLANs without implementing the proper security.

      For many organizations, the first step in controlling rogue WLAN users is to find them. To do that, many network managers are employing sniffer tools to track WLANs. These include WildPackets Inc.s AiroPeek NX, Network Instruments LLCs Observer and AirMagnet Inc.s AirMagnet. These tools can be used to check wireless security by identifying unauthorized clients or access points and verifying encryption usage. And many IT managers swear by shareware products such as NetStumbler (www.netstumbler.com) that let them hunt down unauthorized wireless access points. Like the proprietary tools, NetStumbler enables an IT manager (or hacker, for that matter) using a laptop and a wireless Ethernet PC Card to locate wireless access points while driving around town or walking around a building or campus. The practice is sometimes known as war driving. The software also provides information on whether or not the access point has encryption turned on, what its media access control address is, the name of the network or vendor, and signal strength.

      At the University of Akron, IT managers are using an arsenal of tools to find and lock down wireless and wired LANs. Last year, the Ohio university began installing 1,200 Aironet 350 Series access points from Cisco Systems Inc. in classrooms, residence halls, libraries and sports centers. All transmissions are secured using 128-bit encryption and IP Security VPNs from Cisco.

      But having an authorized WLAN doesnt mean users wont try to tap into the universitys network from their own rogue access points. This is why the University of Akron also uses a variety of sniffer tools to hunt down unauthorized wireless access points. IT managers there have also deployed management software from Cisco and from IBM subsidiary Tivoli Systems Inc. that sets off alarms when an unregistered client jumps on the network and shuts down routers until the activity can be investigated.

      “Universities are doubly damned in that we are notoriously known for maintaining open access to systems,” said Thomas Gaylord, vice president and CIO at the university. “We cant have our computers being used to attack other organizations. This is why we vigilantly hunt down rogue access points.”

      In the face of mounting rogue wireless access points, many IT managers are also dusting off security policies and adding rules on WLAN access, even though they may not have immediate plans to officially deploy 802.11x technologies. At Gannett Co. Inc., Gary Gunnerson, IT architect and an eWeek Corporate Partner, said employees are reminded that rogue deployments are against company policy.

      “Were not actively pursuing violators at this point and have no plans to run around the company with a wireless sniffer,” said Gunnerson, in Alexandria, Va. “But all employees throughout the management chain understand rogue access points of any sort are a violation of our corporate security policy.”

      Gannett isnt actively sniffing out violators because the company is relatively protected by its VPN technology, which provides encryption and enables IT managers to monitor clients trying to access the network, Gunnerson said. If Gannett does officially deploy WLAN technology, the company will follow its existing security policies and tie wireless access into its VPN strategy. (For more on using VPN technology to secure wireless networks, see story on Page 45.)

      “If we ever go into production, we will treat the wireless network as if it was outside the company and secure it as such,” Gunnerson said.

      Related Stories:

      • Wireless LAN Security Crackdown
      • 802.11a and 802.11g Evolve the WLAN Space
      • Review: AirMagnet 1.2 Reveals WLAN Trouble Spots
      • Review: VPN Tools Aid WLAN Security
      Anne Chen
      As a senior writer for eWEEK Labs, Anne writes articles pertaining to IT professionals and the best practices for technology implementation. Anne covers the deployment issues and the business drivers related to technologies including databases, wireless, security and network operating systems. Anne joined eWeek in 1999 as a writer for eWeek's eBiz Strategies section before moving over to Labs in 2001. Prior to eWeek, she covered business and technology at the San Jose Mercury News and at the Contra Costa Times.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×