Rogue access points and weak passwords are the bane of any network administrator's life: all it takes is one user setting up a consumer-grade wireless router in the cube farm so he or she can use a PDA or whatever and you've got yourself a potentially serious security risk. It’s quite possible that the wireless signal is leaking out into the street, and anyone passing by could get access to your network – even if they are using WEP, WPA or WPA2 encryption.
But it’s not just rogue APs that are a worry. If you're not using WPA-Enterprise or WPA-Enterprise (both of which use a RADIUS server) in your organization, then any wireless networks you are running using WEP, WPA or WPA2 are also at risk.
That's where Aircrack-ng can be useful. This open source suite of applications can help you locate all the access points in your offices, check that the networks are protected by encryption, and test the strength of the keys or passphrases that are in use. If any networks uses WEP encryption, it will usually find the relevant WEP key in under a couple of minutes, demonstrating that WEP is totally ineffective.
Before you can start you'll need to download and install Aircrack-ng. On an eeePC running Ubuntu you can do this via Synaptic. On any other device you can check you can find it at http://www.aircrack-ng.org/doku.php?id=downloads.
In order carry out attacks on wireless networks efficiently you'll almost certainly need to patch your wireless drivers to support packet injection – patches and details of how to do this can be found at http://www.aircrack-ng.org/doku.php?id=install_drivers. At the time of writing a suitable Madwifi driver and patch for the eeePC's built in wireless card had been released but then withdrawn, but it's likely that an "official" one will be available very soon. Pre-patched drivers are also included with some live Linux security distributions such as BackTrack2, and can be used with many laptops and wireless cards.
But it’s not just rogue APs that are a worry. If you're not using WPA-Enterprise or WPA-Enterprise (both of which use a RADIUS server) in your organization, then any wireless networks you are running using WEP, WPA or WPA2 are also at risk.
That's where Aircrack-ng can be useful. This open source suite of applications can help you locate all the access points in your offices, check that the networks are protected by encryption, and test the strength of the keys or passphrases that are in use. If any networks uses WEP encryption, it will usually find the relevant WEP key in under a couple of minutes, demonstrating that WEP is totally ineffective.
Before you can start you'll need to download and install Aircrack-ng. On an eeePC running Ubuntu you can do this via Synaptic. On any other device you can check you can find it at http://www.aircrack-ng.org/doku.php?id=downloads.
In order carry out attacks on wireless networks efficiently you'll almost certainly need to patch your wireless drivers to support packet injection – patches and details of how to do this can be found at http://www.aircrack-ng.org/doku.php?id=install_drivers. At the time of writing a suitable Madwifi driver and patch for the eeePC's built in wireless card had been released but then withdrawn, but it's likely that an "official" one will be available very soon. Pre-patched drivers are also included with some live Linux security distributions such as BackTrack2, and can be used with many laptops and wireless cards.