New Way to ID Invisible Intruders on Wireless LANs
Bergkamp10 writes "Australia's University of Technology in Queensland has created a groundbreaking new system that can detect invisible intruders on wireless LANs. Wireless networks have been almost impossible to thoroughly secure as they possess no clearly defined boundaries, instead they are defined by the quality and strength of the receiving antenna. QUT Information Security Institute researcher Dr Jason Smith has invented a new system to detect eavesdropping on unencrypted networks or active hijackings of computer sessions when a legitimate user who is logged onto the network leaves the connection. Smith has created a series of monitoring techniques that when used together can detect both attackers and configuration mistakes in network devices."
If you really want to keep people off your LAN then you need to deploy a good authentication system. It's not perfect, and of course anyone who hijacks the IP address is likely to gain access, but without going into VPN tunnels it's perhaps the only good way. Take a look into pftables or see this video for a demonstration: http://s5h.net/u?14
Why UNIX?