Using the Wireless Network to Monitor Itself

An early security hole (and one that you can drive a truck through) in wireless networks was the problem of "rogue" access points: essentially wireless access points deployed without authorization of the IT department and almost always without the best practices security measures implemented.

Using the wireless network itself, wireless access points can be programmed to scan the RF environment to search for access points that are not part of the official network. Using information obtained from the scanning process, the Wireless Control System (WCS) can alert administrators that a potential "rogue" AP is present in the network. When combined with wireless Location Services, it is even possible to map the location of the "rogue" and provide IT staff with a head start on mitigating the security hole.

Similarly, using known attack signatures, the wireless network can also monitor for known attack vectors, clients attempting access or other maliciousness against the wireless network. Such wireless Intrusion Prevention mechanisms are also an important step in protecting the wireless network.

Conclusion

The nature of wireless networking means that a hacker does not need to gain physical access to your building in order to "plug in" and get access to the network. Proximity is enough. However, putting the threat in perspective, this also means that physical proximity is required to attack a wireless network...it is not feasible to do so from afar. By following today's best practices for wireless network security, there are a few straightforward steps to securely lock-down your wireless network. Finally, if you are responsible for operating a wireless network, keep up to date on the latest tips and tricks people are using to side-step wireless security.