Solutions Fast Track - Monitoring and Intrusion

Discussion in 'Electronic Design' started by [email protected], Jul 21, 2008.

  1. Guest

    Dear Reader,

    Designing for Detection
    - Get the right equipment from the start. Make sure all of the
    features you need, or will need, are available from the start.

    - Know your environment. Identify potential physical barriers and
    possible sources of interference.

    - If possible, integrate security monitoring and intrusion detection
    in your network from its inception.

    Defensive Monitoring Considerations
    - Define your wireless network boundaries, and monitor to know if
    they’re being exceeded.

    - Limit signal strength to contain your network.

    - Make a list of all authorized wireless Access Points (APs) in your
    environment. Knowing what’s there can help you immediately identify
    rogue APs.

    Intrusion Detection Strategies
    - Watch for unauthorized traffic on your network. Odd traffic can be a
    warning sign.

    - Choose an intrusion detection software that best suits the needs of
    your environment. Make sure it supports customizable and updateable
    signatures.

    - Keep your signature files current. Whether modifying them yourself,
    or downloading updates from the manufacturer, make sure this step
    isn’t forgotten.

    Conducting Vulnerability Assessments
    - Use tools like NetStumbler and various client software to measure
    the strength of your 802.11b signal.

    - Identify weaknesses in your wireless and wired security.

    - Use the findings to know where to fortify your defenses.

    - Increase monitoring of potential trouble spots.

    Incident Response and Handling
    - If you already have a standard incident response policy, make
    updates to it to reflect new potential wireless incidents.

    - Great incident response policy templates can be found on the

    - While updating the policy for wireless activity, take the
    opportunity to review the policy in its entirety, and make changes
    where necessary to stay current. An out-of-date incident response
    policy can be as damaging as not having one at all.

    Conducting Site Surveys for Rogue Access Points
    - The threat is real, so be prepared. Have a notebook computer handy
    to use specifically for scanning networks.

    - Conduct walkthroughs of your premises regularly, even if you don’t
    have a wireless network.

    - Keep a list of all authorized APs. Remember, Rogue APs aren’t
    necessarily only placed by attackers. A well-meaning employee can
    install APs as well.

    --- Thank You ---

    James Conack
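
The authorized-AP list and the boundary monitoring items above, shown as an added example that is not part of the original post: a walkthrough survey is compared against the AP inventory to flag unknown APs, unknown radios advertising an authorized SSID, authorized APs whose settings have changed, and authorized signal that is too strong outside the premises. The CSV layout, inventory entries, location names and the -75 dBm threshold are all constructed assumptions.

```python
import csv
import io

# Authorized AP inventory (constructed sample): lowercase BSSID -> (SSID, channel)
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpNet", 1),
    "00:11:22:33:44:02": ("CorpNet", 6),
}

# Survey points outside the intended coverage area and the strongest dBm allowed there (assumed)
OUTSIDE_POINTS = {"parking-lot"}
LEAK_THRESHOLD_DBM = -75

# Constructed walkthrough results: one row per AP seen at a survey point.
SURVEY_CSV = """location,bssid,ssid,channel,signal_dbm
lobby,00:11:22:33:44:01,CorpNet,1,-48
lobby,00:11:22:33:44:02,CorpNet,6,-60
floor2,00:11:22:33:44:02,CorpNet,11,-55
floor2,66:77:88:99:AA:BB,CorpNet,6,-52
floor2,DE:AD:BE:EF:00:01,linksys,11,-67
parking-lot,00:11:22:33:44:01,CorpNet,1,-62
parking-lot,00:11:22:33:44:02,CorpNet,6,-88
"""

def classify(row):
    """Return a list of finding labels for one survey row."""
    bssid = row["bssid"].strip().lower()
    ssid, channel, dbm = row["ssid"], int(row["channel"]), int(row["signal_dbm"])
    known = AUTHORIZED.get(bssid)
    findings = []
    if known is None:
        # Not in the inventory: worse if it advertises one of our SSIDs.
        authorized_ssids = {s for s, _ in AUTHORIZED.values()}
        findings.append("ssid-impersonation" if ssid in authorized_ssids else "unknown-ap")
    else:
        if (ssid, channel) != known:
            findings.append("config-drift")
        if row["location"] in OUTSIDE_POINTS and dbm > LEAK_THRESHOLD_DBM:
            findings.append("boundary-exceeded")
    return findings

def audit(survey_text):
    """Return (location, bssid, finding) tuples for every flagged row."""
    rows = csv.DictReader(io.StringIO(survey_text))
    return [(r["location"], r["bssid"], f) for r in rows for f in classify(r)]

if __name__ == "__main__":
    for location, bssid, finding in audit(SURVEY_CSV):
        print(f"{finding:20} {bssid}  seen at {location}")
```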