• United States

Blocking unauthorized wireless users

Aug 04, 20032 mins
Network SecuritySecurity

Our network has several wireless access points, and our system logs show that unauthorized users have been ‘borrowing’ our Internet connection. What steps can we take to make the access points more secure?

Our network has several wireless access points, and system logs show unauthorized users have “borrowed” our Internet connection. What can we do to make the access points more secure?

Finding wireless access points is a matter of using a traveling wireless client system to sniff for wireless base stations.

Some utilities identify only open access points. Others exploit the connections they find. Maps can be found on the Internet identifying “stumbled” networks in most major metropolitan areas.

First, enable Wired Equivalent Privacy to stop unauthorized users from auto-connecting to your wireless net. This is only the first step, as it easily can be cracked by free utilities such as airsnort.

The next steps include changing the default Service Set Identifier, disabling SSID broadcast and changing the default password for the base station.

Other security tools include media access control-address filtering, installing a security gateway between the wireless access point and your wire-line network and directing wireless-connection attempts to authenticate against a RADIUS or VPN server before letting traffic pass the gateway.