Forum

Now to answer the other part of Wilddev's question.

Kimberly Graves, CWNE #2 and I developed a course awhile back on Wireless LAN Penetration Testing called WLSAT (Wireless LAN Security and Assessment Toolkit) where we taught folks how to use the latest in penetration testing (read HACKING) into wireless networks.

There are many many techniques. But you asked: "how well the can detect and prevent someone who knows wireless well from getting past them?"

Both the Overlay and Time-Slice models allow for the Detection of just about all forms of Wireless Attacks. They all use some sort of Denial of Service to do the 'Prevention' bit of a WIPS service. This in itself was designed to protect the client's own network from unwanted wireless connections. But this also has an unintended consequence, it in itself perpetuates the Denial of Service for the clients' employees who happened to be connected with the Rogue devices. Be sure your help desk knows the signs and symptoms that occur when your WIPS is in 'protect' mode.

Also be cognizant of the legal ramifications of having a system that can cause DoS attacks to your neighbors if implemented and configured incorrectly.

WIPS/WIDS systems can do a great job protecting your Wireless infrastructure, but from the hackers standpoint, wireless is only one of the access methods into your network. You'll need a broad spectrum security solution, wireless is only a component in that system.

Keith

keith@wlanpros.com
http://wirelesslanprofessionals.com