The Web    Google
Wi-Fi Security Review: AirMagnet

Wi-Fi Security Review: AirMagnet
March 15, 2004

Wireless networking has rapidly become the new way to upgrade systems and networks. It offers freedom of movement and flexibility in changing enterprise environments. Unfortunately, when the 802.11 protocol was developed, little thought went towards security. What security was applied -- specifically WEP -- was quickly broken. Today, it's widely recognized that WEP provides little to no security.

But that said, some security is better than none. Even this limited security can be helpful on simple networks. One of the most trying issues that is seen today is the amount of unsecured wireless networks that exist.

Walking down Yonge Street and Bay Street (heart of the Financial District in Toronto) one finds countless warchalking markings (warchalking refers to the "chalk marks" that people leave to indicate the proximity of open wireless networks). War driving, the act of looking for and using open, unsecure wireless networks is increasing with little-to-no legal action being taken. Until laws are set to deal with this, companies will need to deal with issues themselves.

Being able to audit existing networks for security and performance for small networks is fairly easy. But when you get to medium, large or extra-large, standard tools just won't cut it. There are too many APs and stations to deal with. In addition, it's likely you'll pick up traffic from other sites and need to disentangle the signals. That's where a tool like AirMagnet, designed specifically for larger networks, comes in handy.

An administrator can install this tool on a laptop or handheld PC. The graphical interface allows for easy navigation and if the additional AirMagnet Reporter is installed, easy interpretation. Even without the Reporter I was amazed as to how much information AirMagnet picked up in the test networks I used it on.

AirMagnet Screenshot -- Click to Enlarge For one network, the security in general wasn't bad, albeit a bit noisy in traffic and having only the simplest of security. The other network (see screenshot; MACs removed to protect the "innocent") was quite scary in the laxness and openness found.

AirMagnet's strength lies in its ability to determine a WLAN's security posture and performance. For administrators, this alone is worth the cost of AirMagnet. A few of the APs I tested had an extremely high ratio of signal-to-noise. In fact, it had reached 40% (lots of noise!) making the signal sporadic at times.

Page 2: More Performance Analysis Features, Tracking Rogue Users and the Cost of Wi-Fi Security

  • Robbing the (Data) Bank
  • Cisco Snaps Up Security Software Maker
  • 9/16: Evaman-D Worm Kills Active Processes
  • Cisco Warns of Voice Product Security Flaws
  • Feinstein Tightens ID Theft Proposal
  • 7/12 Atak.A Worm Low Threat but High Traffic
  • Santy-A Worm Raises Fears Over New Trend
  • 5/20: Mytob-EU Worm Drops Copy
  • Humans Still Weakest Security Link
  • Under the Radar: IM Emerging as a Stealth Threat
  • Guidance Software Pushes Proactive Forensics
  • Security Camera Product