Recent surveys have revealed the increasing threat of hackers getting access to wireless local area networks (WLANs).
This type of hacking activity is also known as "drive-by" hacking. Attacks come from hackers driving around in dense WLAN areas, such as the City of London, with home-made code cracking kits looking for vulnerable wireless networks.
silicon.com has teamed up with wireless security consultancy Orthus, to put together the 10 best tips to keep those drive-by hackers at bay.
1. Use directional antennae to avoid excessive spreading of the signal. Signals can emanate many hundreds of feet!
2. Change the default password on the access point (AP). As most freeware scanning software can quickly suss out the default password it is vital that the password is changed.
3. Always use wired equivalent privacy (WEP). While WEP is not automatically secure it does at very least act as a barrier.
4. Ensure the WLAN is on a separate network or firewalled interface. Treat the WLAN as a semi-untrusted network.
5. Install a personal firewall on all systems using WiFi (The wireless protocol). Many new laptops are being shipped with inbuilt WiFi cards which means your system may be remotely accessible without the protection of firewall.
6. Perform regular external WLAN audits with a scanning tool. Check for the introduction of unauthorised APs to the network.
7. Perform regular internal WLAN audits. Additionally, check for the introduction of unauthorised wireless cards and APs that maybe used for illegal file sharing.
8. Administration of wireless networks is important! Administration should be conducted via secure encrypted sessions. Make sure you are using SSL (secure socket layer) and VPN authenticated sessions that protect the administrator password when doing this.
9. Maintain audit logs of who is using the WLAN. Audit them regularly to identify unauthorised access and internal abuse of the network.
10. Assess the information passing over the wireless networks. Consider the sensitivity and lifetime of data passing over the wireless network. Is it covered by the Data Protection Act?
And remember - wireless networks should always be treated as public networks!