Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

Introduction

Wireless security - two words generally spoken in the same tone as "jumbo shrimp" and "government organization". Because of the nature of the technology, and the easily-broken encryption solutions that are currently out there, it becomes a question of not if, but when an attack will occur. Small- and home-office users are especially vulnerable, as they generally have more important things to worry about than securing their wireless assets and lack the resources of larger companies to devote to a security contact or team.

But all is not lost, as there are ways to verify the security of a wireless network despite the oxymoron that wireless security generally conjures to mind. Intrusion Detection Systems (IDS for short) provide a way to detect these attacks even before they happen, while the intruder is still casing the place. They are not the be-all-end-all to security, but when combined with firewalls and other security tools they can be very powerful. It is helpful to think of IDS as similar to burglar alarms: they will tell you that a break-in has happened, but leave it up to other systems to handle the break-in itself.

The namesake of the Snort IDS

Figure 1: The namesake of the Snort IDS

Snort is an open source IDS that can be custom-tailored to fit your wireless network. Calling itself "the de facto standard for intrusion detection", Snort is flexible, fast, and most importantly, free. All it takes is a little bit of elbow grease to get it up and sniffing away at wireless traffic.

Snort and other IDS can be especially effective when dealing with wireless attacks. In a previous series, Humphrey Cheung talked about how the Wired Equivalent Privacy (WEP) encryption scheme can be easily cracked. In addition to this, even more advanced encryption methods can be cracked and wireless authentication schemes broken by a determined attacker. This makes Snort a vital tool in detecting these kinds of attacks and stopping them before they begin.

There is a version of Snort available that is tailored specifically towards the wireless user. Appropriately titled Snort Wireless, this version contains rules that are suited to detecting some of the most common attacks against a wireless access point, and can also be custom-tailored to the specific needs of a wireless network. This article will give you a basic outline of Snort's operation and how it can be applied to your wireless network, leaving the specifics of deploying it up to you.

More Wireless

TRENDnet logo

How Powerline Can Solve Your Wi-Fi Woes - There's a better way to get WiFi Everywhere™.

Wi-Fi System Tools
Check out the new Wi-Fi System Charts, Ranker and Finder!

Featured Sponsors


Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I'm using the latest(?) Merlin fw (380.68_4) on my RT-AC68U.I'd like to see the accepted packets in the syslog if they came from wan. But not the LAN ...
About a month ago, I got the guy from ChinaTelecom to hook up internet for me, and it was running really slow lately so I went to look at the TP-LINk ...
Good morning,I have 2 x RT-AC88U's. One of which has a broken antenna (young, clumsy children!). So I bought a second a while ago.The one with the bro...
Hi guys!I've noticed a strange entry at the log of my RT-AC88U - Merlin's latest stable firmware, 382.1. It is a message related to an app, but I don'...
Hey All,I am new to setting up vlans, and I am trying to figure out how to allow my Vlan "10" to allow traffic from my VLAN "1"Here is my current conf...

Don't Miss These

  • 1
  • 2
  • 3
Get Backblaze Now!