Slashdot Mirror

← Back to Stories (view on slashdot.org)

AirTraf 802.11b Security Package

Posted by michael on from the bogie-in-corridor-7 dept.

An anonymous reader writes "Being ignorant of network vulnerabilities is a happy condition for only so long. Ignorance is bliss, right up until someone with rogue access drives away with your company secrets. This article covers information about AirTraf, an open source package, which performs a number of tasks, such as determining the Service Set Identifier of the access points, and the channel it is operating under. It can tell how many wireless nodes are connected to a given access point, as well as that point's total load. AirTraf is capable, too, of polling a number of sniffers through a central polling server in order to collect the most current information. The least of your fears should be the leeching of your Internet connectivity. Industrial espionage is a growing reality that you must confront."

5 of 153 comments (clear)

  1. triangulation by s20451 · · Score: 5, Interesting

    Is there any way to do triangulation if you have more than one base station? Then you could do some spatial security as well, by restricting access to particular zones (say, within your own building). I know the cell phone companies have been trying to implement E911 locating for a while ... could you do such a thing with a carefully written 802.11 driver?

    --
    Toronto-area transit rider? Rate your ride.
  2. Scare Tactics by Bame+Flait · · Score: 3, Interesting

    It's clear to me that no matter how much arm waving is done by security experts and those who stand to profit from the implementation of wireless security (cough, IBM), nothing short of tragedy can motivate American organizations to take security seriously.

    Security is NOT a necessity - in fact, many of the things people are trying to "protect" these days don't need to be protected at all - security consultants just want to rake in commissions as they help their clients "secure" their data.

    It's high time that these profiteers take off their Microsoft hats and start acting with the best interest of the end-user in mind.

  3. Re:Its a very very simple equation by hpa · · Score: 4, Interesting

    Always treat your wireless network as a completely insecure network; the same way you treat the public Internet. This has the additional advantage that when visitors come to your company, they can use your wireless network to access their own home base. This can be amazingly useful.

    Then use VPN to give your own staff access to the network, with the same security level you require for access from the public Internet.

    WEP is not useful for anything than discouraging the casual bandwidth leech, if that matters to you at all.

  4. Use WaveSEC with opportunistic encryption. by mellon · · Score: 4, Interesting
    WaveSEC is an add-on for Linux and the BSDs that lets you set up an opportunistic encryption path between your laptop and a server on the wired network. This keeps you safe from eavesdroppers who know your WEP key - indeed, with WAVEsec you don't need a WEP key.


    Note that WaveSEC is NOT a replacement for end-to-end security. All it does is protect you from wireless eavesdroppers. If you are using WaveSEC or end-to-end IPsec for all your network connections, you don't need WAVEsec.

  5. Re:Its a very very simple equation by buysse · · Score: 4, Interesting
    WEP is not useful for anything than discouraging the casual bandwidth leech, if that matters to you at all.
    WEP may be useful in one other way -- it gives you some legal protection if someone else uses your wireless network to do something malicious. Running your network unencrypted could be seen as the equivalent of leaving your front door open when you're not home.
    --
    -30-