The widespread use of wireless networks in the enterprise is
no longer a concept for the future—it is a reality. However, with increasing
adoption comes an ever-increasing security concern. The addition of wireless
devices to enterprise networks has changed the conventional definition of
network access to something beyond mere physical connections. In today’s
network environment, the perimeter to be secured by IT professionals now
includes the street leading to the company parking lot.

Protecting such an amorphous boundary requires a
sophisticated set of tools that can access information and data that lie beyond
the conventional areas normally accessed by standard utility applications. This
is where the open source community is making a major contribution. In the
wireless arena, tools like NetStumbler, StumbVerter, Kismet Wireless, and
AirSnort give network administrators, security application developers, and
other interested IT professionals weapons they can use to fend off various
nefarious attacks.


Open Source Security Tools: A Practical Guide to Security Applications

By Tony Howlett

ISBN: 0321194438
Publisher: Prentice Hall (July 29, 2004)
Pages: 608

Series: Bruce Perens’ Open Source Series
Copyright: 2005


A practical guide to security applications

Tony Howlett’s book, Open Source Security Tools: A Practical Guide to
Security Applications, published by Prentice Hall, explains how open source
applications can fulfill vital security needs for IT professionals and
application developers at all management levels of the enterprise. You can
download Chapter 10: Wireless Tools, a PDF excerpt from the book, which covers
applications
designed to help you secure wireless networks. This chapter also explains how
to use open source tools to reveal whether someone is using your wireless
network without your knowledge or permission.

In preparation for publishing the Wireless Tools excerpt,
Builder had the opportunity to ask the author, Tony Howlett, a few questions.
In the following interview, Howlett discusses the current state of enterprise
network security and how open source software can fill in the gaps left by
traditional proprietary applications.

Q & A

[Builder] McAfee
has recently recorded over 100,000 malicious threats roaming around the
Internet. That is a lot to protect against. Do you think technology, open
source or otherwise, can reduce or even eliminate these threats or are we going
to have to learn to live with a constant threat to our networked world?

[Howlett] Security
software can certainly help to lessen the risk. I wouldn’t be in this business
if I didn’t think so! However, I don’t think we will ever eliminate it.
Unfortunately operating systems and applications are getting ever bigger and
with that, room for bad code and bugs that make the black hats’ jobs easier.
Also, more and more exploits are using social means to get users to execute
them with privileges. The “I love you” virus was the first example of
this. No software or hardware in the world can protect you against poorly
trained employees. I think we will have to be vigilant for a long time to come.

[Builder] Wireless technology is quickly becoming the standard protocol for networking
computer systems—both at the consumer level and for enterprises. We have seen
numerous stories of non-secure wireless networks existing in corporate
environments that should know better. War-driving has even become a leisure
activity for some. Why are companies failing to understand the need for
security when deploying wireless networks?

[Howlett] It’s
the classic story of ease-of-use triumphing over proper installation and also
lack of motivation to care. We are starting to see unsecured wireless
connections used to perpetrate attacks, release virus code, and do spam. Once
companies start getting their Internet connection shut down and their mail
servers being put on blacklists, they will start to care more. Legal action
against companies who allow their networks to be used for attacks will also be
an eye-opener. Finally, legislation might help, especially in the public

[Builder] Obviously, the situation described by Question two cannot stand—corporations
will get the picture eventually and this is where open source tools will come
into play. What are the three most important open source
applications/technologies for securing wireless networks?

[Howlett] NetStumbler, covered in my book, is a network manager’s best friend right now
when it comes to assessing their wireless security. It’s easy to load, easy to
use, and gives a lot of information up front. The StumbVerter tool for creating
nice maps is also useful for demonstrating the problem to management.

[Builder] In the chapter on Wireless Tools from Open Source Security Tools:
A Practical Guide to Security Applications, you mention several open source
tools including NetStumbler and Kismet Wireless.
Have any new tools been introduced in the past few months that interest you?
What wireless tools are missing from the open source toolkit? Are they
currently in development—are there applications that developers in the Builder
community should be considering?

[Howlett] There
hasn’t been anything really hot, other than the latest version of the above-mentioned
tools, which are now starting to support the 802.11g wireless protocols. There
is a big need for a Windows-based WEP-cracking program, possibly as an add-on
to NetStumbler, so it would be an all-in-one program; also, a NetStumbler-like
program for Linux. Currently most of the programs are too hard to install, but
this is mostly a matter of Linux/Unix wireless drivers being behind Windows.


Obviously, network security has been, and will be for the
foreseeable future, a constant exercise in vigilance. Open source software and
the community that accompanies it often provide security solutions that go
beyond the traditional thinking of proprietary vendors. This outside-the-box
thinking could mean the difference when it comes to securing your enterprise
data and applications. In particular, using the tools outlined in the Wireless
Tools book excerpt could save you time, money, and possibly even embarrassment
over the loss of sensitive data, financial information, and/or source code.