AirDefense Makes New Detection and Protection Methods Available to Customers.Upon Identifying New Wireless Threats at Defcon 15, AirDefense Quickly Responds to Better Secure Customers' Enterprises ATLANTA -- AirDefense, Inc., the innovator that launched the wireless LAN security One issue with corporate wireless networks in general, and WLANs in particular, involves the need for security. Many early access points could not discern whether or not a particular user had authorization to access the network. market, today released updated detection and protection methods for new hacks identified at Defcon 15, the largest underground hacking conference in the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. . At the request of Defcon Wi-Fi Village organizers, AirDefense monitored the annual conference in Las Vegas Las Vegas (läs vā`gəs), city (1990 pop. 258,295), seat of Clark co., S Nev.; inc. 1911. It is the largest city in Nevada and the center of one of the fastest-growing urban areas in the United States. , NV. During the three days of monitoring, AirDefense Enterprise protected 22 access points (APs) provided by Defcon for Internet access See how to access the Internet. and monitored 46 additional access points installed by conference attendees. With over 2100 wireless devices in use at the event, the network was overloaded yet usable with some taking advantage of the less congested con·gest·ed adj. Affected with or characterized by congestion. congested ENT adjective Referring to a boggy blood-filled tissue. See Nasal congestion. 802.11a network for a more reliable Internet connection. As expected, many well-known wireless vulnerabilities in existence were exploited at the conference. Denial of service A condition in which a system can no longer respond to normal requests. See denial of service attack. (DoS) attacks were by far the most numerous with 17 variations used in 428 attempts. Over 1100 attacks were run against wireless client devices. In six separate cases, hackers were able to completely compromise access points and change their settings. Newly identified attacks at this year's Defcon involved the use of multiple APs to form a phishing trap, otherwise known as a multi-pot. This attack has existed for quite some time, so hackers focused on easier to implement variations which are difficult to detect, more damaging and especially effective. In one example, the attack entitled "Bad Karma karma or karman (kär`mə, kär`mən), [Skt.,=action, work, or ritual], basic concept common to Hinduism, Buddhism, and Jainism. " included functions that enable the attacker to phish clients without causing them to re-authenticate to the attacker's AP. AirDefense also spotted several new variations of wireless denial of service (DoS) attacks both at the driver level and RF level. Fuzzing See fuzz testing. attacks, revealed at last year's Defcon 14, advanced using a wider variety of frame modifications to impact additional types of wireless devices. In fuzzing attacks, frames are specifically crafted to cause a wireless device to crash and sometimes deliver a payload (1) Refers to the "actual data" in a packet or file minus all headers attached for transport and minus all descriptive meta-data. In a network packet, headers are appended to the payload for transport and then discarded at their destination. that can compromise the device. The new variations introduced at Defcon 15 appear to target radios in newer embedded platforms. Additionally, AirDefense observed 12 instances of a new RF Jamming technique that uses standard 802.11 radios to block the entire 2.4 GHz spectrum. Although jamming will always be a problem, this attack is particularly problematic as it uses standard 802.11 radios instead of requiring specialized hardware. As a result of AirDefense's monitoring efforts at Defcon 15, along with the company's commitment to ensuring customers have the most up-to-date protection, AirDefense quickly released updated software that detects each of the new attacks and enhances the protection methods implemented throughout the system. AirDefense's patented WEP (Wired Equivalent Privacy) An IEEE standard security protocol for wireless 802.11 networks. Introduced in 1997, WEP was found to be very inadequate and was superseded by WPA, WPA2 and 802.11i. Cloaking[TM] solution, which increases the security of WEP networks, already includes protection for each of the attacks proposed by hackers at Defcon. "Security leaders have always been in a race with hackers," said Amit Sinha, CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. of AirDefense. "The largest enterprises and most secure government organizations choose AirDefense because of the expertise that goes into the early identification of threats and the speed at which we are able to react after new threats are released. Customers can rest assured that AirDefense is working around the clock to protect their networks and data." AirDefense Enterprise customers with current software maintenance contracts will receive instructions for downloading and installing the latest updates. Please contact AirDefense Customer Support for further information or assistance at support@airdefense.net. About AirDefense AirDefense is the market leader in anywhere, anytime wireless security. The company is trusted by more Fortune 500 companies, healthcare organizations and high-security government agencies for enterprise wireless protection than any other company. AirDefense products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion prevention See IPS and IDS. , both inside and outside an organization's physical locations and wired networks. Common Criteria-certified, AirDefense enterprise-class products scale to support single offices as well as organizations with hundreds of locations around the globe. Founded in 2001, AirDefense is based in Atlanta, GA and serves more than 700 government agencies and blue chip corporations. For more information, please visit http://www.airdefense.net or call 770.663.8115. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion