Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

Introduction

Wireless security - two words generally spoken in the same tone as "jumbo shrimp" and "government organization". Because of the nature of the technology, and the easily-broken encryption solutions that are currently out there, it becomes a question of not if, but when an attack will occur. Small- and home-office users are especially vulnerable, as they generally have more important things to worry about than securing their wireless assets and lack the resources of larger companies to devote to a security contact or team.

But all is not lost, as there are ways to verify the security of a wireless network despite the oxymoron that wireless security generally conjures to mind. Intrusion Detection Systems (IDS for short) provide a way to detect these attacks even before they happen, while the intruder is still casing the place. They are not the be-all-end-all to security, but when combined with firewalls and other security tools they can be very powerful. It is helpful to think of IDS as similar to burglar alarms: they will tell you that a break-in has happened, but leave it up to other systems to handle the break-in itself.

The namesake of the Snort IDS

Figure 1: The namesake of the Snort IDS

Snort is an open source IDS that can be custom-tailored to fit your wireless network. Calling itself "the de facto standard for intrusion detection", Snort is flexible, fast, and most importantly, free. All it takes is a little bit of elbow grease to get it up and sniffing away at wireless traffic.

Snort and other IDS can be especially effective when dealing with wireless attacks. In a previous series, Humphrey Cheung talked about how the Wired Equivalent Privacy (WEP) encryption scheme can be easily cracked. In addition to this, even more advanced encryption methods can be cracked and wireless authentication schemes broken by a determined attacker. This makes Snort a vital tool in detecting these kinds of attacks and stopping them before they begin.

There is a version of Snort available that is tailored specifically towards the wireless user. Appropriately titled Snort Wireless, this version contains rules that are suited to detecting some of the most common attacks against a wireless access point, and can also be custom-tailored to the specific needs of a wireless network. This article will give you a basic outline of Snort's operation and how it can be applied to your wireless network, leaving the specifics of deploying it up to you.

More Wireless

Top Ranked Routers

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hello, first posting, a complete newbie as far a routers go, last purchased the D-Link 615 (Version B).I purchased the AC3100, refurbished router, fol...
just update to 3.0.0.4.380.7743 and am now having problems. After about 30 min. I get message that system rebooted and port # changed, need to disconn...
Hello...been a while since I've been around here but I've got a legitimate issue that some smart minds can definitely help me figure out.. I've got an...
Using the latest Merlin beta firmware on an AC68 and trying to install DNScyrpt. Used the instructions here:https://github.com/RMerl/asuswrt-merlin/wi...
Hey guys,I have two issues with my router, and I'd really really appreciate any help I get:1. Somehow I blocked LAN access of my router. Now to add to...

Don't Miss These

  • 1
  • 2
  • 3
Get Backblaze Now!