Wireless Network Administration: Intruders

With a wired network, an intruder must usually gain access to your facility to physically connect to your network. Not so with a wireless network — in fact, with wireless, hackers equipped with notebooks that have wireless network capability can gain access to your network if they can place themselves physically within range of your network’s radio signals. Consider these possibilities:

  • If you share a building with other tenants, the other tenants’ offices may be within range.

  • If you’re in a multifloor building, the floor immediately above or below you may be in range.

  • The lobby outside your office may be within range of your network.

  • The parking lot outside or the parking garage in the basement may be in range.

If a would-be intruder can’t get within normal broadcast range, he or she may try one of several tricks to increase the range:

  • A would-be intruder can switch to a bigger antenna to extend the range of his or her wireless computer. Some experiments have shown that big antennas can receive signals from wireless networks that are miles away. In fact, there is a documented case of someone who listened in on wireless networks based in San Francisco from the Berkeley hills, which is across the San Francisco Bay.

  • If a would-be intruder is serious about breaking into your network, he or she may smuggle a wireless repeater device into your facility — or near it — to extend the range of your wireless network to a location that he or she can get to.

Of course, a physical connection to your network is not the only way an intruder can gain access. You must still take steps to prevent an intruder from sneaking into your network through your Internet gateway. In most cases, this means that you need to set up a firewall to block unwanted and unauthorized traffic.