Thursday, June 3, 2010

Is Your Wireless Auditing Done Right?

WiFi is one of the newest networking technologies and hence auditing wireless networks is still a big challenge for auditors. It is mainly due to the unavailability of sophisticated solutions to cover all possible and realistic scenarios. More often than not the wireless network or security audits are done with the help of open source software/tools freely available on the Internet. These tools have some intrinsic limitations and hence do not always give answer to all the wireless auditing related questions. Due to the software limitations wireless auditing fail to ensure FIVE important wireless audit requirements are:

1. Presence of NO mis-configured, rogue or unmanaged wireless device on the trusted/authorized network
2. Presence of ALL authorized wireless device on the network Up and Running
3. Presence of the BEST wireless security configuration (e.g. WPA2/802.1x)for authorized wireless LANs
4. Presence of NO infected or rogue wireless client device
5. Presence of ALL wireless connection association logs for forensics purpose

Now we know what to see in the report when we get a wireless audit done next time !

No comments:

Post a Comment