IBM claims that it has developed the industry’s first automated auditing tool that can monitor 802.11 wireless networks and collect security-related information.
The Wireless Security Auditor – a prototype application running on Linux -enables network administrators to find vulnerable access points and then to ensure they are corrected or removed so they no longer pose a security threat to a network.
The security auditor runs on a small wireless PDA. The audit information is presented on a colour coded interface, with properly configured access points shown in green and vulnerable ones in red. Detailed information is also available for all access points – including station and network name, address, location and security state.
Existing security for 802.11 wireless consists of two subsystems – a data encryption technique called Wired Equivalent Privacy (WEP) and an authentication algorithm called Shared Key Authentication. WEP and Shared Key are optional, and wireless access points are typically shipped with both turned off.
Wireless network security needs to be checked frequently, as employees often add new wireless devices, which may become easy access points for hackers. The new tool will allow security consultants to find what access points exist, examine their configuration and take proper steps to keep the wireless network secure.
Dave Safford, manager of network security at IBM Research, said, ‘As 802.11 wireless networks become more common, companies’ intranets are increasingly being exposed to drive-by hacking. Our Wireless Security Auditor will be an essential tool for security experts to maintain wireless network security.’