When most people think of wireless, they think only in terms of access and not in terms of attacks or intrusions, say David D. Coleman and David A. Westcott in ‘CWNA: Certified Wireless Network Administrator Official Study Guide’ (www.wileyindia.com).
They emphasise, therefore, on the need to constantly monitor for the many types of attacks because of the potential damage they can cause. Proactive enterprises, however, deploy a WIDS (wireless intrusion detection system) before deploying the wireless network that is meant to provide access.
Wireless can be an intrusive technology, and if wired data ports at a business are not controlled, any individual (including employees) can install a rogue access point, the author’s caution.
The typical WIDS is a client/ server model that consists of three components, they describe. The first is WIDS server, a software/hardware server acting as a central point of management. Management consoles, the second component of the model, connect back to the WIDS server as clients, and can be used for 24/7 monitoring of wireless networks.
And what can make you sit up and notice the WIDS is the third component, the sensors, which are placed strategically to listen to and capture all communications! “Sensors are basically radio devices that are in a constant listening mode as passive devices. The sensor devices are usually hardware based and resemble an access point… The centralised server can collect data from literally thousands of sensors from many remote locations meeting the scalability needs of many large corporations…”
Most WIDS will usually have alarms for as many as 60 potential security risks, inform Coleman and Westcott. “An important part of deploying a WIDS is setting the policies and alarms. False positives are often a problem with intrusion detection systems, but they can be less of a problem if proper policies and thresholds are defined.”
“We bought a high-tech punching bag for our fitness room, and it comes with virtual reality goggles…”
“So people can almost feel the kicks?”
“No, they can upload the face they want to ‘see’ on the bag!”