TECHNOLOGY After Palo Alto's hacking incident, i ng games. Scigliano says
her staff conducted St i ll, the risk is present. Hernacki's a security
audit, upgraded systems suggestions include controlling access and
tightened security holes. They through usernames and passwords, Hacker
Toolkit also developed a six-page pamphlet limiting access to specific
computers outlining basic computer security and setting up networks to
minimize Hackers rely on commonly available tools to practices. Scigliano
gave copies of their reach outside school grounds find the weak points in
wireless networks. this pamphlet to school principals, see the Safer Wi-Fi
sidebar . The good news: Your IT people can use the who then conducted
training sessions Ga r ten urges school districts to same tools to find
out where your network's with their staffs. The pamphlet was address the
Wi-Fi security problem as defenses need reinforcement. Here are some very
helpful for us in terms of teach- soon as possible. They'll be able to i
ng our staff and training them about secure their networks faster than we
of the most popular programs: security and confidentiality, says did
because the tools have evolved, Scigliano. They were aware of things but
they better start now. They AirSnort they needed to do with student infor-
should think about the consequences airsnort.shmoo.com mat ion stored in fi
ling cabinets, but if someone breaks in. This popular tool monitors traffic
on encrypted they weren't aware of what it meant Once the network is
secured, you Wi-Fi networks. Once it's gathered enough for e-mail, online
fi le storage and can't rest on your laurels. Hackers those kinds of
things. are continually honing their tech- data, it's able to figure out
the encryption key, n iques and developing new attacks, thereby allowing
access to the network. Barring the Doors so your staff needs to stay
abreast of the latest security developments. Fou r years after its audit,
Poway has NetStumbler That means refreshing your network removed all of
the rogue hotspots www.netstumbler.com security every three to six months
to and has fully embraced Wi-Fi this NetStumbler was one of the earliest
and most make sure it's hardened against the time, with district oversight
and most likely attacks. Security can get plenty of security. In fact, many
popular wardriving tools. It monitors the air- obsolete, just like your
equipment, schools now include a clock tower waves for nearby Wi-Fi
networks, providing says Garten. architectural feature where wireless
information on each one it detects. NetStumbler Hav i ng an outside
auditor come transmitters can be located, provid- only works with certain
Wi-Fi access cards. in and give you strategic advice is i ng greater range
for the networks. very helpful, adds Scigliano, whose However, network
connections are Kismet district also used Farm9. The per- encrypted. The
district also has a spec t ive provided by an outside party designated
chief security officer who www.kismetwireless.net can uncover weaknesses
you might can shut down a school's network if A more modern and capable
wardriving pro- otherwise miss, and also provides a a hacking incident is
underway. In gram, Kismet works with many Wi-Fi cards. roadmap for
security enhancements most districts, it would take four to In addition to
identifying nearby networks, and future upgrades. five phone calls to shut
down the net- Kismet also provides traffic monitoring sniff- Compa red
with a typical network, work, Garten says. At Poway, it takes ing so
hackers can eavesdrop on wireless Wi-Fi still has a lot of maturing to do,
just one call to the security officer. says the former hacker. If a school
Br ia n Hernacki, an architect in data transmissions. decides to take the
risks in setting one the R&D lab for security software up, they need to
make sure that all of vendor Symantec, confi rms that secu- SAINT the
teachers and faculty know to be r it y is an issue for school districts,
www.saintcorporation.com / cautious in keeping sensitive informa- but
notes that most wireless hacking products /products.html tion off the
network. And adminis- incidents are not as serious as those T h e SAINT
vulnerability scanner checks trators need to stay up to date with
described by the former hacker and vulnerabilities in the network. Do all
Scigliano. It is in pretty rare cases every computer on your network for
security that, and you can rest easy, knowing that they're actually
hacking into vulnerabilities, providing a report that you can you've kept
hackers away from the school resources, says Hernacki. use to eliminate
weak spots and shore up gates for now. DA More common abuses are simply
your defenses. using the Wi-Fi network in an unau- t hor i zed fashion,
such as connecting Dylan Tweney is a writer based in San via a laptop in
the cafeteria or play- Mateo, Calif. 40 June 2006 District Administration
wireless1.w.indd 40 5/15/06 4:19:10 PM
http://airsnort.shmoo.comhttp://www.netstumbler.comhttp://www.kismetwireless.nethttp://www.saintcorporation.com/products/products.html
Table of Contents for the Digital Edition of District Administration - June 2006