Securing Your Wireless World
Sage’s Wireless Security Assessment is designed around the unique considerations of your wireless architecture, configuration, and devices. We use it to evaluate the strength of the security surrounding your wireless networks.
Through the testing, we will:
- Identify your wireless networks.
- Evaluate wireless security controls, including user/computer management and authentication.
- Analyze the strength of wireless encryption schemes.
- Assess the configuration of wireless access points and wireless cards.
- Attempt to exploit the vulnerabilities we find.
- Provide recommendations for mitigating the vulnerabilities we’ve discovered.
The Sage Methodology
We take a phased approach consisting of three basic steps: wireless data collection, analysis, and exploitation.
- Wireless Data Collection – Using a laptop specially configured with the ability to compromise 802.11 networks, we monitor wireless traffic and injects packets, acting as a rogue access point or ad hoc device. The laptop collects wireless data in monitoring mode by physically traversing the inside and outside of all buildings included in the scope of work.
- Data Analysis – After the scanning is complete, we analyze the data at your location to verify the collected data and prepare for the exploitation step. We then perform in-depth analysis of all collected data at our own Sage Data Security location.
What we learn in the Data Analysis phase determines how we conduct the final phase:
We conduct our testing using automated and manual, commercial and open source applications, as well as proprietary tools and testing mechanisms. All testing is conducted by certified personnel, and we do not subcontract any part of the testing.
- Exploitation – Attempting to connect to your wireless networks, we determine what level of access is achieved through each connection.
Reports and Recommendations
When the Wireless Security Assessment is complete, Sage will send you a report documenting our findings and recommendations, including the wireless signals (such as SSID and encryption types) we have observed.