Linux administration tips for Red Hat, SUSE, networks, securityLinux security tools and network monitoring <<previous|next>> :Network monitoring and server management with Nagios
Protecting your wireless network
Protecting your wireless network is not so much a matter of open source or commercial tools rather configuration and security settings. There are some scanning/sniffing tools (which I'll cover later) that might help, but principally you need to get your configuration right. The primary security principle to consider on your wireless network is sufficient encryption. Don't use WEP. Upgrade your wireless hardware and clients to use WPA and preferably WPA2. Read this article for a good explanation of why WPA2 is better than WPA. It also has a link to a previous article explaining why WPA is better than WEP.
Other security considerations include:
Hiding your SSID
Your SSID advertises the presence of your network to wireless clients. Hiding it will keep casual snoopers from seeing your network, more sophisticated attackers armed with wireless sniffers will still see your SSID.
Using MAC address filtering
MAC address filtering only allows hosts with specified MAC addresses to join your wireless network. Like hiding your SSID this is mostly useful for deterring less sophisticated attackers. Serious attackers can 'spoof' an acceptable MAC address and then join your network. This control can also be problematic if you have large numbers of hosts as adding, removing and updating large numbers of MAC addresses in your access point can be time-consuming and complicated.
Strong security on your wireless access point
Ensure you secure your access point with a strong password and that you disable any clear-text administration functions, such as via HTTP or Telent. Use only secure administration methods via mechanisms such as SSH and HTTPS.
As for open source wireless security tools there are a number of excellent scanning and sniffing tools that can help you ascertain the state and number of wireless networks in your environment/organisation. These tools can also sometimes assist in testing the strength of your encryption keys. These tools include:
13 Dec 2006