An ad-hoc network is enabled by connecting a wi-fi enabled device directly with another wi-fi enabled device over the wireless medium without requiring a wireless router / access point. But how secure is this mode of connection? What can you do to mitigate the threats posed by ad-hoc networks in an enterprise? Let us look at the answers to these questions, in this article.
What is an Ad-hoc Network?
Whether you are using Windows, Linux or Mac laptops, you can connect them to each other over the wireless medium using the built-in Wireless adapter. Generally, a Wi-Fi Network is created by connecting the computers to wireless access points/ wireless routers but Wi-Fi Ad-hoc networks are created directly between two Wi-Fi enabled laptops/ systems. It is also possible to connect more than two devices to the ad-hoc network. In that case, even if two computers are not directly connected, they can still communicate with each other through the common computer/ other computers.
Ad-hoc networks are not a replacement to Wi-Fi networks (Wireless Routers, Access Points, etc) but they are meant for temporary connections between two wi-fi enabled systems. They are used mostly for file sharing, playing multi-player enabled games (or) sharing an Internet connection. Even a wi-fi enabled smart phone can connect to a PC using an ad-hoc network, if the phone supports this feature. Ad-hoc networks are pretty simple to configure and easy to deploy but they have a limited range of few meters.
Generally, one person sets up the ad-hoc network and everyone joins. This network gets terminated when everyone (or) the person who set it up, disconnects from the network. The access to the ad-hoc network can be restricted with a password and the security within an ad hoc network can be enhanced using encryption.
What are the threats posed by Ad-hoc networks?
Sometimes, ad hoc networks are enabled by default in certain operating systems. So, someone in the range of the computer might try to connect to it and access shared documents. Sometimes, users do not encrypt the communication over an ad hoc network. These networks are a delight to hackers (who are within the range of the network) and they try to access and place some malware into the system so that they can carry out further attacks.
If ad-hoc mode is enabled in a laptop and it is also connected to the wireless / wired enterprise network, hackers can connect to the laptop over the ad-hoc network and then connect to the enterprise network to access network resources without the knowledge of the unsuspecting user.
How are ad-hoc networks identified and mitigated?
As you can see above, the threats posed by an ad-hoc network to the enterprise wired / wi-fi network is considerable. Generally organizations prefer to ban ad-hoc networks within their premises. They have a policy to this effect, and new laptops are deployed with ad-hoc networks disabled.
But users can themselves enable the ad-hoc network anytime. One of the ways to monitor for live ad-hoc networks within an organization would be to use air-monitors / wireless intrusion prevention systems. These systems can continuously scan the network and identify any live ad hoc network and report to the administrator.
If required, they can even block the ad hoc network by throttling the communication between authorized clients and unauthorized clients. They can instruct and prevent the authorized systems from communicating with rogue wi-fi clients. They can differentiate between genuine users and rogue users and allow ad hoc networks between genuine users (if required) while simultaneously blocking ad hoc networks involving rogue users, selectively.
You could stay up to date on the various computer networking / related IT technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’