IBM Counters "Drive-by Hacking" with New Software

Big Blue researchers issue the follow-up to their wireless auditing tool for 802.11 networks.


How to Help Your Business Become an AI Early Adopter


Researchers in IBM's Hawthorne, N.Y. facility Monday said they have worked up new software that monitors 802.11 wireless networks and reports any security problems as soon as they are detected.

A true "sniffer" product that ferrets out intrusions, the Distributed Wireless Security Auditor (DWSA) runs on desktop and laptop computers, minding wireless network security. If a breach is detected, the software program lets the central back-end servers know about it.

Powered by Linux with a Windows version to come soon, the DWSA system pinpoints the location of rogue access points based on signal strength measurements by the wireless hardware on the clients. As long as at least three client machines report the signal strength of the rogue, their reports can be used by the system to calculate the access point location using the estimated ranges and geometry.

The DWSA was created to combat such malicious methodologies as drive-by hacking, in which a perpetrator can access a WLAN from a moving car, or a park bench within reasonable distance to the facility in which the network resides. Hackers can pull crucial data from insecure networks using a laptop or personal digital assistant, and then quickly be on their way.

What does this do for IT staffers? It saves them the time it would take to do manual checks for intrusive activity, which is vital because wireless networks need to be checked frequently because employees can easily add new wireless devices, which may become convenient access points for users who intend malice.

Dave Safford, manager of Global Security Analysis Lab at IBM Research, said increased popularity of 802.11 networks highlights the need for such self-diagnostic software tools.

The DWSA is a follow-up to the Wireless Security Auditor (WSA) the outfit unveiled last summer, which runs on a small wireless PDA running Linux. The WSA for LANs is used by IBM consultants to detect wireless access points that do not have the appropriate security. A set of recommendations are sent to the customer.

The wireless security tool was developed in collaboration with the IBM Personal Computing Division, which is looking in to including it in future ThinkPad models.

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.