Wireless Network Administration: Eavesdroppers

Eavesdroppers just like to listen to your network traffic. They don’t actually try to gain access via your wireless network — at least, not at first. They just listen.

Unfortunately, wireless networks give them plenty to listen to. For example:

  • Most wireless access points regularly broadcast their SSID to anyone who’s listening.

  • When a legitimate wireless network user joins the network, an exchange of packets occurs as the network authenticates the user. An eavesdropper can capture these packets and, if security isn’t set up right, determine the user’s logon name and password.

  • An eavesdropper can steal files that are opened from a network server. For example, if a wireless user opens a confidential sales report that’s saved on the network, the sales report document is broken into packets that are sent over the wireless network to the user. A skilled eavesdropper can copy those packets and reconstruct the file.

  • When a wireless user connects to the Internet, an eavesdropper can see any packets that the user sends to or receives from the Internet. If the user purchases something online, the transaction may include a credit card number and other personal information. (Hopefully, these packets will be encrypted so the eavesdropper won’t be able to decipher the data.)