Wednesday, December 11, 2024

IBM Counters “Drive-by Hacking” with New Software

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Researchers in IBM’s Hawthorne, N.Y. facility Monday said they have worked up new software that
monitors 802.11 wireless networks and reports any security problems as soon as they are detected.

A true “sniffer” product that ferrets out intrusions, the Distributed
Wireless Security Auditor
(DWSA) runs on desktop and laptop computers, minding wireless network security. If a breach is
detected, the software program lets the central back-end servers know about it.

Powered by Linux with a Windows version to come soon, the DWSA system pinpoints the location of rogue access points based on signal
strength measurements by the wireless hardware on the clients. As long as at least three client machines report the signal strength
of the rogue, their reports can be used by the system to calculate the access point location using the estimated ranges and
geometry.

The DWSA was created to combat such malicious methodologies as drive-by hacking, in which a perpetrator can access a WLAN from a
moving car, or a park bench within reasonable distance to the facility in which the network resides. Hackers can pull crucial data
from insecure networks using a laptop or personal digital assistant, and then quickly be on their way.

What does this do for IT staffers? It saves them the time it would take to do manual checks for intrusive activity, which is vital
because wireless networks need to be checked frequently because employees can easily add new wireless devices, which may become
convenient access points for users who intend malice.

Dave Safford, manager of Global Security Analysis Lab at IBM Research, said increased popularity of 802.11 networks highlights the
need for such self-diagnostic software tools.

The DWSA is a follow-up to the Wireless Security Auditor (WSA)
the outfit unveiled last summer, which runs on a small wireless PDA running Linux. The WSA for LANs is used by IBM consultants to
detect wireless access points that do not have the appropriate security. A set of recommendations are sent to the customer.

The wireless security tool was developed in collaboration with the IBM Personal Computing Division, which is looking in to including it in future ThinkPad models.

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles