For UNIX, right now Kismet is King. Each release of Kismet continues to be more and more impressive. However, for Windows we are becoming less and less impressed. Vendors keep raising their prices (who has $1,000 to spend on a simple CE sniffer?) and their products are becoming buggy and difficult to use. To address this, we are writing our own (hopefully better) software, and we plan to release it as freeware for non-commercial use.

Despite the insecurities of 802.11, the number of wireless networks is growing rapidly. What should be done in order to raise awareness of wireless security problems?

The awareness is actually quite high. Over 2/3 of businesses are scared that their WLANs will be hacked. However, they don't have the money to pay the high prices that security software vendors demand. This is especially true for home users, who are a key part of free wireless community networks. For example, in this economy folks just can't afford to pay $3,500 for products like Airopeek NX and then have the software lock after 12 months when the "license" expires. How many home users can afford to pay thousands of dollars per license for commercial software that is booby-trapped with one-year time lock? In this case, the best suggestion might be to spend the time learning to use free tools such as Kismet and others which can give you more useful data.

Nor can the average user afford $6,000 for a WLAN "gateway" device such as Bluesocket, which merely duplicates what you can implement for free with the native security architecture of Linux or Windows Server plus some custom scripts. Thus, the major problem is not awareness of security risks, but rather the availability of products that are inexpensive, powerful and easy to use.

Before losing thousands of dollars to a vendor that will pull the rug out from under you in a year if you don't pay their high upgrade prices, and before paying thousands for hardware that you can build for free, consider taking the time to learn to use an alternative.


Do you see Wardriving as an extensive problem?

"Ethical" Wardriving is not only beneficial, but it is also a mandatory skill for every WLAN administrator. However, "unethical" Wardrivers could potentially pose great problems. When you hear media quotes from security experts claiming that Wardriving is an insignificant threat, you might consider taking that with a grain of salt.

Wireless security is subject to interference and therefore to Denial of Service attacks. What can be done to protect from such attacks?

As an electrical engineer, I don't see it a major issue. RF interference and jamming can be fixed with patience and a solid understanding of electromagnetics and signal processing. More dangerous to WLANs is government restrictions on spectrum. It is important for every individual to express her views to the government about the need for expanded, unrestricted WLAN spectrum.