_gaq.push(['_setAccount', 'UA-35754314-2']); _gaq.push(['_setDomainName', 'securityeverafter.com']); _gaq.push(['_trackPageview']); Security Ever After: Control 14: Wireless Device Control var _gaq = _gaq || []; (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();

Sunday, September 4, 2011

Control 14: Wireless Device Control

Wireless network access allows for better collaboration and mobility. With this relatively new medium comes an extra risk. Be sure to handle this administratively through the use of policy and user education to set clear expectations of appropriate use. Specific policy reference should be made that prohibits the use of peer to peer wireless networking.

Several popular Linux distributions provide pre configured Kismet. Use these platforms to continually run on old laptops in each office location. For no cost, a continual assessment for wireless activity can be performed. As each access point is identified, white list any approved and neighbor business access point and include them in the Wireless Usage policy. All others must be classified as neighbor businesses or rogues to be investigated and disabled.

Discovery of wireless access points can also be performed using traditional network scanning tools, such as Nessus. Using the plugin 11026, daily complimentary scans can help identify rogue and authorized access points. Combining both wired and wireless scanning tools will help identify wireless usage in the environment.

Be sure to check out the recently published book, Hacking Exposed Wireless Second Edition by Johnny Cache, Joshua Wright & Vinnie Liu. This book is well written and included three compelling sections on hacking wireless technology, wireless clients and hacking Bluetooth, ZigBee and DECT.

No comments:

Post a Comment