AirDefense Monitors Wireless Airwaves at RSA Conference for Second Day, Wireless Usage Increases.More Than Half of 847 Wireless Devices Vulnerable to Attacks SAN FRANCISCO San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden -- AirDefense, the innovator and market leader in anywhere, anytime wireless security, today unveiled results from its wireless airwave monitoring on Wednesday, February 7 at the RSA Conference The RSA Conference is a Cryptography-related conference held annually in the San Francisco Bay Area. The RSA Conference started in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security. , the world's leading information security conference. This is the second consecutive day AirDefense studied the wireless LAN A local area network that transmits over the air typically in the 2.4 GHz or 5 GHz unlicensed frequency band. It does not require line of sight between sender and receiver. Wireless base stations (access points) are wired to an Ethernet network and transmit a radio frequency over an area traffic from the show floor. On Wednesday, AirDefense discovered 481 out of 847 wireless devices, such as laptops, PDAs, phones and vendor PCs susceptible to "Evil Twin" types of attacks, combined with some of the latest zero-day attacks. In total, 57 percent of the 847 devices in use could have easily been compromised. Tuesday's monitoring discovered 347 of 623 wireless devices vulnerable to attacks. To speak to AirDefense regarding their findings stop by the AirDefense booth # 2146, or to schedule an interview with Richard Rushing, CSO (Chief Security Officer) The person in charge of all staff members who are responsible for promulgating, enforcing and administering security policies for all systems within an enterprise or division. , AirDefense, call Bill Keeler Keel´er n. 1. One employed in managing a Newcastle keel; - called also keelman ltname>. 2. A small or shallow tub; esp., one used for holding materials for calking ships, or one used for washing dishes, etc. or Mark Cautela at Schwartz Communications at (781) 684-0770. To review wireless airwave monitoring results from Tuesday, February 8, log onto: www.airdefense.net/newsandpress/02_07_07.php. "The vulnerability of 481 devices on Wednesday and 347 devices on Tuesday is not the problem of RSA Conference organizers. In fact, they secure the conference network as well or better than most standard corporate networks," said Richard Rushing, CSO, AirDefense. "The wireless vulnerabilities increase dramatically when conference attendees have joined a wireless network through hotels and hotspots that are insecure." AirDefense's wireless airwave monitoring on Wednesday discovered 847 devices in use versus 623 on Tuesday, an increase of 25 percent. Denial of service attacks spiked as well, with AirDefense noticing 85 different attacks trying to disrupt the wireless network, from CTS (1) (Clear To Send) The RS-232 signal sent from the receiving station to the transmitting station that indicates it is ready to accept data. Contrast with RTS. (2) (Common Type System) The data typing used in . flooding the airwaves, to de-authentication types of attacks, to jamming attacks. These were limited in duration and the location of these attacks continued to move about the exposition floor. The types of tools used to attack the network were more sophisticated in an attempt to take advantage of the probing laptops that were discovered on Tuesday. Some attack tools were versions of Karma karma or karman (kär`mə, kär`mən), [Skt.,=action, work, or ritual], basic concept common to Hinduism, Buddhism, and Jainism. that mimic the Access Point that the station it is probing for. In fact, AirDefense found a single attacker had grabbed 8 different machines and launched attacks simultaneously. Other Interesting Findings: * AirDefense noticed that many clients, when connected to an unencrypted network, would disclose information about the organization's networks such as Domain, Authentication Server A device used in network access control. It stores the usernames and passwords that identify the clients logging in, or it may hold the algorithms for token access (see authentication token). , Active Directory, User Name, and Computer Name. Leaking out NetBIOS and IPX (Internetwork Packet EXchange) The network layer protocol in the NetWare operating system. Similar to the IP layer in TCP/IP, it contains a network address and allows messages to be routed to a different network or subnet. traffic information was common on these devices. An attacker could and might have captured the corporate username and authentication hash (password), that the unsuspecting user would have sent over the airwaves. As the laptop is not aware of its location, it does not know if it is at the office, home, or hotspot. * AirDefense discovered 87 devices participating in Ad-Hoc networks (Peer-to-Peer) using common SSID's (Service Set Identifiers) such as "Free Public WiFi," "Free Internet Access See how to access the Internet. " and "Linksys." Not only is this a security issue, typically this means that no firewall is present in the wireless interface or this is an un-patched Windows system. In other words Adv. 1. in other words - otherwise stated; "in other words, we are broke" put differently , low hanging fruit for an attacker. "Evil Twins" are the wireless version of email phishing scams, a technique whereby an attacker tricks victims into connecting to a laptop or PDA (Personal Digital Assistant) A handheld computer for managing contacts, appointments and tasks. It typically includes a name and address database, calendar, to-do list and note taker, which are the functions in a personal information manager (see PIM). by posing as a legitimate hotspot. Zero-day attacks take advantage of new flaws in software programs, such as Internet Explorer, that can compromise devices that have yet to be fixed by the vendor. About AirDefense AirDefense is the market leader in anywhere, anytime wireless security. The company is trusted by more Fortune 500 companies, healthcare organizations and high-security government agencies for enterprise wireless protection than any other company. AirDefense products provide the most advanced solutions for rogue wireless detection, policy enforcement and intrusion prevention, both inside and outside an organization's physical locations and wired networks. Common Criteria-certified, AirDefense enterprise-class products scale to support single offices as well as organizations with hundreds of locations around the globe. Founded in 2001, AirDefense is based in Atlanta, GA, and serves more than 600 government agencies and blue chip corporations. For more information, please visit http://www.airdefense.net or call 770-663-8115. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion