IBM said Thursday that it has developed a prototype of a tool that runs on a wireless handheld and monitors 802.11 wireless networks for potential security breaches.
The company said its Linux-based Wireless Security Auditor application is fully automated and automatically collects security-based information. It enables network administrators to identify and analyze points of vulnerability in the wireless network, according to IBM.
The company said in a statement that they developed the application to run on a wireless handheld so that network administrators could be mobile while assessing security concerns.
The audit information is displayed on a color-coded user interface. For instance, properly secure access points are shown in green and vulnerable ones are in red. The tool also provides detailed information about the access point, including its address, station and network name and physical location.
“As 802.11 wireless networks become more common, companies’ intranets are increasingly being exposed to drive-by hacking,” said Dave Safford, manager of network security at IBM Research.
Safford noted that 802.11 wireless security measures typically consist of both a data encryption technique called Wired Equivalent Privacy (WEP) and an authentication algorithm called Shared Key Authentication. However, both typically are turned off unless network administrators explicitly switch them on.
Security breaches can occur when end users add new wireless devices but don’t switch on security precautions, he said.