AirMagnet Discovers New Wireless ``Day-Zero'' Attack; Distributed ``Phlooding'' Attack Can Threaten Multi-Site Enterprises.SUNNYVALE, Calif. -- AirMagnet, Inc., the leader in wireless LAN A local area network that transmits over the air typically in the 2.4 GHz or 5 GHz unlicensed frequency band. It does not require line of sight between sender and receiver. Wireless base stations (access points) are wired to an Ethernet network and transmit a radio frequency over an area (WLAN See wireless LAN. WLAN - wireless local area network ) security and performance solutions, today announced the discovery of a new wireless attack. Dubbed "phlooding," this new exploit describes a group of simultaneous but geographically distributed attacks that targets a business's authentication or network log-in structure, with the goal of overloading its central authentication server A device used in network access control. It stores the usernames and passwords that identify the clients logging in, or it may hold the algorithms for token access (see authentication token). . Businesses with multiple office locations served by a single identity management server could be particularly vulnerable to phlooding attacks. In a phlooding attack, several attackers in different locations bombard bom·bard tr.v. bom·bard·ed, bom·bard·ing, bom·bards 1. To attack with bombs, shells, or missiles. 2. To assail persistently, as with requests. See Synonyms at attack, barrage2. 3. wireless access points (APs) with login requests using multiple password combinations in what are known as "dictionary" attacks. This creates a "flood" of authentication requests to the company's central authentication server, which could slow down logins and potentially interfere with broader network operations, since many different users and applications often validate themselves against the same identity management server for email access, database applications, and other corporate uses. Phlooding could effectively block broadband VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. or firewall connections that use a common authentication server to verify an incoming user's identity, making it temporarily impossible for employees to access their corporate network. In a new version of its enterprise wireless intrusion prevention system In computing, a wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points (intrusion detection), and can automatically take contermeasures (intrusion prevention). , announced today, AirMagnet includes wireless event correlation Event Correlation is the processes involved with reducing a large number of incident alerts to a much smaller, more manageable number within automated monitoring and incident/problem management in a Support Management System. and detection methods designed to identify clusters of attacks that indicate phlooding and similar exploits are underway. AirMagnet Enterprise correlates multiple attacks or events occurring at different locations and generates a single alert to identify this "day-zero" attack. "As our counterparts in wired security have discovered, it is no longer acceptable to wait for a vulnerability to be published, or worse, exploited, before taking action to protect against it," said Dean Au, AirMagnet president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. . "By identifying new wireless attacks and providing pre-emptive pre·emp·tive or pre-emp·tive adj. 1. Of, relating to, or characteristic of preemption. 2. Having or granted by the right of preemption. 3. a. protection against them, we're able to guarantee that the integrity of our users' networks isn't compromised." About AirMagnet Founded in 2001, AirMagnet, Inc. provides the most trusted WLAN management and security software systems in handheld, laptop and enterprise configurations. Used by IT professionals at more than 3,500 companies worldwide--including 66 of the Fortune 100--in manufacturing, financial, retail, service, health care, utility, transportation, education and government sectors, AirMagnet solves Wi-Fi connection problems, tracks down unauthorized access, simplifies site surveys, and locks in unprecedented levels of network performance, security and reliability. Additional information about AirMagnet and its products is available on the Web at www.AirMagnet.com. (C)2005 AirMagnet, Inc. All rights reserved. AirMagnet and AirWISE are registered trademarks, and the AirMagnet logo is a trademark, of AirMagnet, Inc. All other product names mentioned herein may be trademarks of their respective companies. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion