The widespread use of wireless networks in the enterprise is no longer a concept for the future—it is a reality. However, with increasing adoption comes an ever-increasing security concern. The addition of wireless devices to enterprise networks has changed the conventional definition of network access to something beyond mere physical connections. In today's network environment, the perimeter to be secured by IT professionals now includes the street leading to the company parking lot.
Protecting such an amorphous boundary requires a sophisticated set of tools that can access information and data that lie beyond the conventional areas normally accessed by standard utility applications. This is where the open source community is making a major contribution. In the wireless arena, tools like NetStumbler, StumbVerter, Kismet Wireless, and AirSnort give network administrators, security application developers, and other interested IT professionals weapons they can use to fend off various nefarious attacks.
Source Security Tools: Practical Guide to Security Applications
A practical guide to security applications
Tony Howlett's book, Open Source Security Tools: A Practical Guide to Security Applications, published by Prentice Hall, explains how open source applications can fulfill vital security needs for IT professionals and application developers at all management levels of the enterprise. You can download Chapter 10: Wireless Tools, a PDF excerpt from the book, which covers applications designed to help you secure wireless networks. This chapter also explains how to use open source tools to reveal whether someone is using your wireless network without your knowledge or permission.
In preparation for publishing the Wireless Tools excerpt, Builder had the opportunity to ask the author, Tony Howlett, a few questions. In the following interview, Howlett discusses the current state of enterprise network security and how open source software can fill in the gaps left by traditional proprietary applications.
Q & A
[Builder] McAfee has recently recorded over 100,000 malicious threats roaming around the Internet. That is a lot to protect against. Do you think technology, open source or otherwise, can reduce or even eliminate these threats or are we going to have to learn to live with a constant threat to our networked world?
[Howlett] Security software can certainly help to lessen the risk. I wouldn't be in this business if I didn't think so! However, I don't think we will ever eliminate it. Unfortunately operating systems and applications are getting ever bigger and with that, room for bad code and bugs that make the black hats' jobs easier. Also, more and more exploits are using social means to get users to execute them with privileges. The "I love you" virus was the first example of this. No software or hardware in the world can protect you against poorly trained employees. I think we will have to be vigilant for a long time to come.
[Builder] Wireless technology is quickly becoming the standard protocol for networking computer systems—both at the consumer level and for enterprises. We have seen numerous stories of non-secure wireless networks existing in corporate environments that should know better. War-driving has even become a leisure activity for some. Why are companies failing to understand the need for security when deploying wireless networks?
[Howlett] It's the classic story of ease-of-use triumphing over proper installation and also lack of motivation to care. We are starting to see unsecured wireless connections used to perpetrate attacks, release virus code, and do spam. Once companies start getting their Internet connection shut down and their mail servers being put on blacklists, they will start to care more. Legal action against companies who allow their networks to be used for attacks will also be an eye-opener. Finally, legislation might help, especially in the public sector.
[Builder] Obviously, the situation described by Question two cannot stand—corporations will get the picture eventually and this is where open source tools will come into play. What are the three most important open source applications/technologies for securing wireless networks?
[Howlett] NetStumbler, covered in my book is a network manager's best friend right now when it comes to assessing their wireless security. It's easy to load, easy to use, and gives a lot of information up front. The StumbVerter tool for creating nice maps is also useful for demonstrating the problem to management.
[Builder] In the chapter on Wireless Tools from Open Source Security Tools: A Practical Guide to Security Applications, you mention several open source tools including NetStumbler and Kismet Wireless. Have any new tools been introduced in the past few months that interest you? What wireless tools are missing from the open source toolkit? Are they currently in development—are there applications that developers in the Builder community should be considering?
[Howlett] There hasn't been anything really hot, other than the latest version of the above-mentioned tools, which are now starting to support the 802.11g wireless protocols. There is a big need for a Windows-based WEP-cracking program, possibly as an add-on to NetStumbler, so it would be an all-in-one program; also, a NetStumbler-like program for Linux. Currently most of the programs are too hard to install, but this is mostly a matter of Linux/Unix wireless drivers being behind Windows.
Obviously, network security has been, and will be for the foreseeable future, a constant exercise in vigilance. Open source software and the community that accompanies it often provide security solutions that go beyond the traditional thinking of proprietary vendors. This outside-the-box thinking could mean the difference when it comes to securing your enterprise data and applications. In particular, using the tools outlined in the Wireless Tools book excerpt could save you time, money, and possibly even embarrassment over the loss of sensitive data, financial information, and/or source code.
Mark W. Kaelin has been writing and editing stories about the IT industry, gadgets, finance, accounting, and tech-life for more than 25 years. Most recently, he has been a regular contributor to BreakingModern.com, aNewDomain.net, and TechRepublic.