The IBM software sits on laptops and PCs, analyzing traffic on an internal 802.11 wireless network and sending data to a centralized server, said Dave Safford, manager of the global security analysis lab at IBM Research in Hawthorne, N.Y.

"It turns machines into wireless auditing sniffers," he said.

The server then "crunches" the data and "spits out" a report that can tell administrators if there are wireless access points that have been misconfigured, Safford said. Access points are physical connections to the computer network located throughout a site.

Wireless networks are cheap, costing less than $100, and convenient to use, allowing workers to carry laptops from office to conference room to cafeteria.

Because they are easy to misconfigure, they pose a significant security risk, and easily expose a computer network to attackers outside the building using specialized wireless sniffers.

"Hackers outside the building, across the street, can connect in to the internal network," Safford said. "They can use the network to break into internal servers and steal data."

Enthusiastic employees have been known to set up wireless network access points without informing their network administrators, he said.

"We've had audits of customer sites that have turned up 50, sometimes 100, rogue access points they didn't know about," Safford said.

The Distributed Wireless Security Auditor runs on the Linux operating system. A version for Windows is pending. The software will be commercially available later this year, Safford said.

An early version, introduced last year, ran on Linux on personal digital assistant devices. The new version includes the self-sensor and self-diagnosis features.

IBM researchers are talking with managers in the IBM Personal Computing Division about preloading the software onto ThinkPad laptops, Safford said.

ThinkPads are already equipped with 802.11 wireless network capability.

What are your strategies for preventing drive-by hacking? TalkBack below or e-mail us with your thoughts.