Thursday, July 09, 2009

A Quick Wireless Audit

Steve Branigan, an adjunct professor and advisory committee member in my networking program has a great blog post on performing a wireless audit. First he points out the dangers of connecting to a rogue access point and then provides step-by-step directions for a quick and dirty wireless audit.

how to do a quick wireless audit « Steven Branigan’s Blog
What could be the problem with using an unauthorized (rogue) access point or a convenient hotspot? There are three problems that jump to mind:

  1. You might have permission to use that network. This could lead to embarrassment should it arise that corporate communications are going over someone’s open linksys access point based in their apartment.
  2. The owner of the network could decide to monitor all communications on their network, which might include your conversations.
  3. The wireless network could be so open that anyone could attach to the network and scan all the computers on the local network. This could make it easy to connect to fileshares on any computer attached to the wireless network, for example.
It is entirely possible for a user to connect to an open network accidentally. Here is an example of how that can happen. When I visit one of my favorite coffee shops, I will connect to their public use wireless network, named ‘tmobile’. Whenever I go into that coffee shop, my computer will automatically connect to the ‘tmobile’ network. What would happen if that ‘tmobile’ network appeared in the office building? Well, most likely, my computer would automatically connect to the tmobile network, and this could be a problem! There is an easy way to test for your environment and see if you have users that will automatically attach to a wireless network.
  1. Get an inexpensive access point, such as a linksys wrt54g.
  2. Set the network name (also known as the SSID) to linksys. (other SSIDs to use include tmobile, default, belkin54g and guest.)
  3. Do not connect the WAN port to the corporate network or the Internet. This will ensure that no access point users will connect to the Internet.
  4. Plug the access point in.
  5. After about 2 hours, connect to the wireless network and log in as the administrator. Examine the DHCP log. It is in here that you will find the number of people that attached to the wireless access point along with their computer name.
Using this list, you can help find users that might be suspectible to unknowingly connecting to a rogue access point.

No comments:


Related Posts Plugin for WordPress, Blogger...