Handy Wireless Network Protection

A wireless network is another tool that small companies can use to go toe-to-toe with larger competitors. Along with letting workers remain connected&#151and productive &#151 as they conduct business throughout the building, wireless networks reduce the problems and expense of snaking wires through walls, ceilings and closets.

Of course, a WLAN (wireless network) needs just as much protection, if not more, than the hardwired variety. AirMagnet, Inc. , a wireless network security company out of Sunnyvale, Calif., makes a software program for Pocket PCs &#151 the AirMagnet Handheld Analyzer &#151 that can assist you in locking down your WLAN and trouble-shoot its performance problems to boot.

If you’ve got a wireless network in place and you’re network traffic contains sensitive information such as credit card numbers, medical records, and information about user identities &#151 it would behoove you to understand what is happening on your network.

One caveat: the program costs $2,995 &#151 it’s not intended for small networks with one or two access points. Think small businesses with 50 employees and up.

Avoiding Squatters, Improving Performance
Unless you put strong authentication mechanisms place, anyone can poach off of your wireless network. If you’re not monitoring the network traffic closely, you may not even realize someone has connected to your wireless network.

While it’s probably true that most unauthorized squatters are simply looking for free Internet connectivity, some have more nefarious motives; they want credit card numbers and sensitive private information.

If your company deals with sensitive information such as credit card numbers, medical records and customer data &#151 you need to monitor your network and protect it from intrusions.

Even if a squatter just wants free Internet connectivity, using your bandwidth is stealing plain and simple. After all, you pay for your bandwidth, and the more people who join your network, the slower your network will become &#151 and that could impact your company’s productivity and its bottom line.

Monitoring and analyzing your wireless network lets you make informed decisions about network intrusions, security configurations, new safeguard requirements, network performance and security policy recommendations.

Improving your ability to trouble shoot problems that your employees (or co-workers) experience is another reason you may want to monitor your wireless network.

AirMagnet Handheld Analyzer

AirMagnet Handheld software runs on a Pocket PC that supports the wireless standards known as 802.11b &#151 and not 802.11a or 802.11g. AirMagnet provides support for 802.11a/g networks using a different product known as AirMagnet Laptop.

Clearly one of the nice things about the AirMagnet Handheld is that it is extremely mobile, since its operational platform is a handheld.

With AirMagnet Handheld Analyzer, you can walk through a facility and locate all the wireless access points, their MAC addresses and their IP addresses. While it’s well known that IP addresses can be spoofed, MAC addresses can be spoofed as well, but usually aren’t.

Nonetheless, the analyzer can identify spoofed MAC addresses by determining if the MAC address is that of a real vendor, or also by determining if the packets that pass through the device’s MAC interface are out of sequence. While the handheld analyzer is not a wireless sniffer per se, it can decode OSI network layers 1, 2 and 3 &#151 the radio signal, the datalink layer and the network layer, respectively.

Routine walk-through scans of your network provide useful information for network management purposes. For example, you can find out if any unauthorized (rogue) access points have been set up.

AirMagnet Handheld’s Find Tool can actually help you physically locate a rogue access point once you have picked up its signal and can tell you what SSID it’s broadcasting. Once you launch the Find Tool, you rotate and walk around looking for the direction in which the Find Tool signal gets stronger.

You move toward the direction that increases the signal strength until you find the access point. By using this technique, you can usually find a rogue access point in four or five minutes.

You can also find out if any authorized access points are operating without encryption, and thus exposing sensitive and proprietary information. Sometimes Wi-Fi channels become overloaded. While trouble-shooting, administrators may turn encryption capabilities off and then forget to turn the encryption back on. AirMagnet Handheld Analyzer will actually sound alarms if it finds unprotected access points while scanning the airwaves.

Here’s another cool feature: AirMagnet Handheld Analyzer will tell you the precise distance that your Wi-Fi signals extend beyond your physical network. That way you can determine how far beyond your office, demo room or building that you need to monitor for unauthorized visitors.

For example if you discover that your Wi-Fi network extends 10 feet beyond your building, you can position surveillance cameras to monitor up to 10 feet out from the perimeter of the building.

Based on how far outside your facility your Wi-Fi signal transmits, you can also figure out how far inside the interior of your building to reposition your access points so that the Wi-Fi signal stays inside the complex and does not bleed out to unmonitored areas.

AirMagnet Handheld Analyzer screenshot

Figure 1. Finding Disabled Encryption
(Click for larger image)

For example, if an access point transmits a signal six feet beyond the outside wall of the building, you can move the access point six feet towards the interior of the building so that only trusted insiders can use the signal. However, even easier than that, you can simply lower the transmit power on the access point so it doesn’t extend beyond the exterior of the building.

You can enforce your Wi-Fi security policy by finding out what security algorithms are currently operating on each access point. For example if your policy specifies that WEP, TKIP and AES should be configured on all access points, you can find out if any access points do not have those algorithms and protocols enabled.

You can also set up AirMagnet Handheld Analzyer to generate alarms that are consistent with your security policy. The program will alert you if the encryption algorithms required by your security policy are not enabled as illustrated in Figure 1.

Once you receive an alarm, the AirMagnet’s user interface lets you drill down and find out specific information on that security violation as depicted in Figure 2.

AirMagnet Handheld Analyzer screenshot

Figure 2. Drilling Down Further
(Click for larger image)

AirMagnet Handheld Analyzer can perform a host of other functions, and this article only describes a few of them. If you’re concerned about your wireless network security, or simply want to find out what is interfering with your Wi-Fi signal (e.g. microwave ovens, wireless cameras, wireless printers or wireless video games) it’s a worthwhile tool to have on hand.

Supported Configurations
If you plan on using AirMagnet Handheld, be sure that your Pocket PC has the following resources:

  • Microsoft Pocket PC 2002/2003
  • 32-64Mb RAM
  • 2Mb free storage space (disk or flash) for installation of the software
  • 8Mb free memory space
  • An open slot for a PCMCIA card or a CD Type II card

You’ll also need to be sure your Pocket PC has one of the following supported Wi-Fi cards:

  • Cisco Aironet 352 (AIR-LMC352 or AIR-PCM352)
  • EnGenius Wireless Compact Flash Card (EL-2511CF or NL-2511CF)
  • The product may or may not work on with Pocket PCs that have built-in Wi-Fi, but the company makes no support claims as to whether it will or not.

    The AirMagnet Handheld Analyzer costs $2,995 and the vendor indicates that volumes discounts are available for larger-scale purchases. The price tag does not include the Wi-Fi card that you’ll need to use the analyzer.

    Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

    Adapted from pocketpccity.com/.

    Must Read

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.