https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2022 Winter Showcase
    • IWCE 2023 Pre-event Guide
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2023 Pre-event Guide
    • IWCE 2022 Winter Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

content


Unsecured Wi-Fi access points a concern

Unsecured Wi-Fi access points a concern

New devices monitor airwaves for rogue wireless LAN users
  • Written by Urgent Communications Administrator
  • 1st January 2005

While Wi-Fi has provided significant benefits for enterprise customers, it also has generated significant headaches. “Rogue” access points operating without company blessing and potentially installed for industrial espionage are a real threat to a secure corporate computing environment.

According to security companies, federal regulations such as the HIPPA health care privacy act and Sarbanes-Oxley financial reporting requirements have pushed publicly owned companies to increase efforts to monitor and control Wi-Fi networks. In addition, the Department of Defense, in a directive issued in April 2004, established policies for securing and using commercial wireless devices and technologies — including Wi-Fi — in its worldwide information network.

Compounding matters, out-of-the-box security standards such as WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) are “inadequate,” said Phil Solis, Wi-Fi analyst at ABI Research. “WPA2 will be available in the future, but it can be broken into if used with a password that can be found through a dictionary check. This isn’t new news.”

The abundance of unsecured Wi-Fi access points in operation around the world also is compounding matters, according to research conducted by Chris Hurley, author of “Wardriving: Drive, Detect, Defend.” In 2004, Hurley organized an effort to “wardrive” — search for open Wi-Fi access points — in cities around the world. More than 228,000 access points were discovered in operation, with less than 40% of them using WEP security. Even after ruling out home users, there’s a “lot of open equipment out there,” said Hurley.

Increasingly, organizations are moving to monitor Wi-Fi emissions regardless of whether corporate IT policies permit such devices.

“A third of our customers have no wireless LANs and want to make sure they don’t,” said Jay Chaudhry, executive chairman and co-founder of AirDefense, a leader in wireless LAN monitoring solutions. “We had not thought there would be such a big demand. Monitoring makes sure people are enforcing security policy. Unless you monitor the [airwaves], the policy is useless.”

Chaudhry said financial services customers don’t deploy wireless LANs because of security considerations and want to make sure that employees don’t set up unauthorized access points for their convenience.

Companies that start monitoring Wi-Fi emissions often end up surprised at what they find.

“The key thing for an enterprise is that many of them don’t realize they already have wireless [LANs],” said Karl Feilder, CEO and president of Red-M, another maker of wireless LAN monitoring gear. “[That] leaves them wide open.”

Feilder said about 80% of his company’s sales are to clients that believe they don’t have any sort of wireless LAN on the premises. Unfortunately, enterprise employees often install low-cost consumer Wi-Fi equipment without the knowledge or permission of the corporate IT staff.

“Nearly every one of them that [monitored for Wi-Fi] found they do have lots of wireless,” Feilder said. “Because there is no corporate plan for deployment, there is no wireless security plan.”

In three years of operations, AirDefense has accumulated about 350 customers, including clients in the Fortune 2000, health care sector and more than 50 government organizations, including the DOD. In addition, Cisco Systems and IBM both have selected the company’s solution for wireless security monitoring. Many customers first obtain a wireless LAN monitoring system for “cleansing the air” — establishing a baseline of radio frequency (RF) emissions in the area and to detect any unauthorized equipment — before rolling out a sanctioned Wi-Fi solution.

“I was personally surprised to see every customer was requiring monitoring security upfront before deploying [Wi-Fi],” Chaudhry said. “Our customers are in different states of deploying wireless LANs. While 80 to 85 percent of them have some degree of wireless deployment, only 20 to 25 percent have [a solution] deployed companywide. Others have divisional, departmental rollouts and lab testing going on to make sure it is secure.”

AirDefense’s solution uses a set of sensors deployed at key locations around the area to be monitored and a centralized server to correlate data. A single hardware sensor, built around a wireless LAN access point and loaded with the company’s specialized software, can provide coverage over two to three floors of an office building, or about 20,000 to 25,000 square feet of space. Each sensor contains a pair of radios that constantly scan 2.4 GHz and 5 GHz bands, looking for 802.11a/b/g wireless traffic on the airwaves and preprocesses wireless LAN packets it discovers before forwarding the suspect information via the corporate wired LAN network back to the server for further processing.

The server then analyzes collected traffic for the presence of unauthorized devices — logging what they are doing, time of day, bands being used — and looks for attacks such as network address spoofing and denial-of-service. Depending on the configuration, the server can do something as simple as send an e-mail alarm to a network manager. Or it can terminate a wireless connection, sending a message to a wired router to shut down the wired port of an unauthorized wireless device on the corporate LAN.

An entry-level system with four sensors and a server starts at about $7000 and offers coverage over eight to 10 floors of an office building. Server size is driven by the RF bandwidth traffic moving around, with a server able to process up to “several hundred” sensors in a light environment. Chaudhry said AirDefense’s largest customer had implemented a scaled solution to monitor 290 physical locations across five continents; the system is capable of monitoring 50,000 Wi-Fi devices using 1800 access points.

Red-M offers a slightly different solution for Wi-Fi monitoring. For about $800, a single Red-Alert PRO device about the size of a smoke alarm provides complete stand-alone monitoring of both Bluetooth and Wi-Fi usage. It has a built-in Web server and SNMP network messaging so it can be integrated into an existing wired LAN monitoring system with relatively little overhead. Multiple Red-Alert PRO devices can be deployed in combination with a coordinating server running Red-Detect and Red-Vision software for extended coverage in a building or campus environment. Red-Detect provides the ability to block unauthorized wireless devices while Red-Vision can import maps and floor plans for managing and coordinating hundreds of Red-Alert PRO devices.

Regardless of the tools, wireless LAN security currently is a moving target, according to Chaudhry.

“Eighteen months ago, the big worry was rogue access points, now it’s shifting to rogue stations,” he said. “The employee sits in the office, plugs into the wired LAN, and his wireless laptop becomes a wonderful bridge transmitting information to the building across the street. Wireless laptops are opening up back doors. Every company wants to make sure there are no back doors.” Other issues on the horizon include monitoring for abuse of short-range 2.4 GHz Bluetooth and longer-range WiMAX devices.

Complicating matters further is the evolution of sophisticated attack tools created by hackers and a corresponding lack of effective defense mechanisms, according to Don Bailey, a consultant with the Shmoo Group, a non-profit security collaborative.

“There’s a boatload of wireless [intrusion detection systems] being pimped to corporate types, and for the most part, they focus on keeping the wireless network admin aware that something terrible is going on,” Bailey said. “That’s hilarious because the wireless network admin is the regular network admin, and he doesn’t have time to save his users’ [rears] at the drop of a hat.”

However, Shmoo Group has developed “quite a dandy list” of publicly available wireless security tools over the past few years, Bailey said, including the Airsnort software package for WEP encryption monitoring and a “Sniper Yagi” that mounts a 14.6 dBi Yagi antenna for Wi-Fi monitoring onto a rifle stock for precision aiming of the antenna at a facility over long distances.

“There are some newer wireless attack tools on the immediate horizon that people might be talking about in the halls of ShmooCon [a computer security convention] in February,” Bailey said. “Sexy and evil stuff in my opinion.”

Tags: Local Area content Enterprise Wireless Networks

Most Recent


  • Panel at SBC event examines significant economic, policy challenges facing in-building communications
    Ensuring that public safety can communicate while responding to emergencies inside buildings is a clear need, but identifying the proper solutions and making them affordable to building owners is a significant challenge, according to panelists exploring the topic during a recent Safer Buildings Coalition (SBC) event. Mike Baltrotsky, assistant chief and technology manager for Montgomery […]
  • Indoor 5G and how to solve it
    We all know the problem: mobile phone service is working fine … until you move indoors. Then, sometimes it works (you don’t notice), sometimes it sort of works (meh) and sometimes it clings on by one tiny bar or drops out entirely (argh). Diagnosing the problem is relatively simple. The loss of mobile service indoors […]
  • Honeywell releases cybersecurity, smart-building tools
    Honeywell has released a series of new tools aimed at improving operational efficiency and sustainability, including an operational technology (OT) cybersecurity tool and a smart building management system. The new cybersecurity tool, Cyber Insights, collects information from multiple OT data sources to identify vulnerabilities and threats.  “Organizations should leverage technology to address worker shortages, while […]
  • Small-cell focus still largely on densification, but private-network opportunity growing
    Some big ambitions for small cells were on display during the annual Small Cell World Summit in London this week. But it’s worth remembering that on the ground, their deployment is still at a relatively early stage. Dean Bubley of Disruptive Analysis, who chaired a panel addressing the issues of value creation and monetization, summarized […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Open-source tools for the IoT ecosystem
  • Cyber is the new Cold War, and AI is the arms race
  • Private wireless networks in the US start going public
  • Microsoft patches 6 zero-day vulnerabilities under active attack

Commentary


Updated: How ‘sidelink’ peer-to-peer communications can enhance public-safety operations

  • 1
27th February 2023

NG911 needed to secure our communities and nation

24th February 2023

How 5G is making cities safer, smarter, and more efficient

26th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.