- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
NetworkWorld.com - Q: How can I prevent people from eavesdropping on my wireless network? – Alex, Pittsburgh
A: Unlike war driving (using such tools as NetStumbler), which generates 802.11 traffic, eavesdropping is a passive event that does not generate traffic, and is therefore undetectable.
However, there are some actions that can prevent (or minimize) such activities.
Contain your RF - Certain enterprise-class access points can configure the antennae patterns, minimizing the potential for your RF to leak outside your building. If your access points do not support such a feature, consider external antennae (again, assuming your access points support this). Assistance from a knowledgeable systems integrator may be necessary during the deployment process in order to measure and control the amount of leakage outside your building.
Encrypt your data - This is probably the best solution, and should be done even if you can contain the wireless traffic within your building. Encrypting user data protects your information even if a hacker with strong RF skills uses a high-gain antenna to attempt to gain access to the RF network. If convenience is more important than total security, consider PPTP or 802.1x, but for a more secure wireless environment, I would opt for WPA or IPSec.
Choose equipment that provides visibility to attacks - Too many access points on the market do not give the network administrator the ability to gain visibility when the network is under attack. Certain forms, such as rogue access points, can easily be mounted outside your building using the same SSID as your authorized network. These devices could generate a “man-in-the-middle” attack to gain access to sensitive keying information. To avoid this, make sure your network infrastructure can detect, and in certain cases, contain these rogue access points.