Preventing wireless snooping

Q: How can I prevent people from eavesdropping on my wireless network? – Alex, Pittsburgh

A: Unlike war driving (using such tools as NetStumbler), which generates 802.11 traffic, eavesdropping is a passive event that does not generate traffic, and is therefore undetectable. However, there are some actions that can prevent (or minimize) such activities. Certain enterprise-class access points can configure the antennae patterns, minimizing the potential for your RF to leak outside your building. If your access points do not support such a feature, consider external antennae (again, assuming your access points support this). Assistance from a knowledgeable systems integrator may be necessary during the deployment process in order to measure and control the amount of leakage outside your building. This is probably the best solution, and should be done even if you can contain the wireless traffic within your building. Encrypting user data protects your information even if a hacker with strong RF skills uses a high-gain antenna to attempt to gain access to the RF network. If convenience is more important than total security, consider PPTP or 802.1x, but for a more secure wireless environment, I would opt for WPA or IPSec. Too many access points on the market do not give the network administrator the ability to gain visibility when the network is under attack. Certain forms, such as rogue access points, can easily be mounted outside your building using the same SSID as your authorized network. These devices could generate a “man-in-the-middle” attack to gain access to sensitive keying information. To avoid this, make sure your network infrastructure can detect, and in certain cases, contain these rogue access points. 

Contain your RF -

Encrypt your data -

Choose equipment that provides visibility to attacks -

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2003 IDG Communications, Inc.