Security Remains Afterthought at N+I; AirDefense Observes Overloaded, Unsecured Wireless Networks at Major Network Event.Business Editors/High-Tech Writers NetWorld+Interop 2004 Las Vegas Las Vegas (läs vā`gəs), city (1990 pop. 258,295), seat of Clark co., S Nev.; inc. 1911. It is the largest city in Nevada and the center of one of the fastest-growing urban areas in the United States. LAS VEGAS--(BUSINESS WIRE)--May 12, 2004 Unsecured communications, information theft, Denial of Service Attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. , and high congestion The condition of a network when there is not enough bandwidth to support the current traffic load. congestion - When the offered load of a data communication path exceeds the capacity. limiting network performance characterized the wireless communications wireless communications System using radio-frequency, infrared, microwave, or other types of electromagnetic or acoustic waves in place of wires, cables, or fibre optics to transmit signals or data. at the Networld + Interop show this week, stated AirDefense, the leader in 24x7 wireless LAN security One issue with corporate wireless networks in general, and WLANs in particular, involves the need for security. Many early access points could not discern whether or not a particular user had authorization to access the network. monitoring. With more than 15,000 attendees to Network + Interop, one of the largest networking conference of the year, the wireless network was congested con·gest·ed adj. Affected with or characterized by congestion. congested ENT adjective Referring to a boggy blood-filled tissue. See Nasal congestion. with unsecured wireless devices and numerous security threats during the first day of the show. AirDefense studied the wireless LAN A local area network that transmits over the air typically in the 2.4 GHz or 5 GHz unlicensed frequency band. It does not require line of sight between sender and receiver. Wireless base stations (access points) are wired to an Ethernet network and transmit a radio frequency over an area and Bluetooth traffic in a single exhibit hall and identified more than 1000 unique wireless devices throughout the day attempting to connect to 311 access points (APs). Despite the apparent abundance of capacity, connecting to the networks was virtually impossible due to the interference caused by secured and unsecured competition for access. In an attempt to find connectivity, users abandoned good security practices and exposed their communications, causing a pattern of open communication followed by specific attacks on communication. "While this ratio of APs to wireless stations appears higher than normal, less than 50 percent of the access points were configured to carry traffic," said Richard Rushing, chief security officer of AirDefense. "The remaining access points were established for demonstration purposes only, causing interference on the show floor, flooding the airwaves with false connections. This contributed to attendees' inability to stay connected to an access point for long periods of time, or alternatively attempting to connect to unsecured networks. The congested network and unstable connections explain the poor network performance noted at the show. More importantly, as users stations attempted to connect, they often went into ad hoc mode The mode of operation in a peer-to-peer wireless network, in which computers communicate with each other rather than to a central base station (access point). Contrast with infrastructure mode. See 802.11 and mobile ad hoc network. See also ad hoc and ad hoc query. or accidentally associated with other stations. Within these associations we saw malicious activity including the launch of viruses and what appeared to be theft of information." Throughout the day AirDefense tracked and identified usage patterns, network bottlenecks and problematic stations and access points, indicative of the interference and performance degradation. "Most attendees used the b/g frequency and the majority of them attempted to connect on only channels six, one and 11," Rushing continued. "Not only were these the most crowded channels but they also were the noisiest channels deterring attendees from using the network to its full capacity. Particularly interesting was the interference or an attack launched on the computer of one key note presenter, creating difficulties with his presentation." Between conference sessions, AirDefense also noted a flood of activity as attendees rushed to Hotspots for email, file transfer protocol A communications protocol used to transmit files without loss of data. A file transfer protocol can handle all types of files including binary files and ASCII text files. See Kermit, Zmodem and FTP. and Telnet purposes. Of these communications, at least 18 percent of users used unsecured protocols for accessing wireless networks. Less than 14 percent of attendees connected to their corporate networks via a secure virtual private network (VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. ) or any form of encryption. Additionally, AirDefense research indicated numerous risks and threats including: -- 96 Ad hoc networks See mobile ad hoc network. comprised of 43 stations -- 89 separate attacks on different devices, many of these MAC spoofing attacks -- 63 Denial of Service attacks -- 24 Soft access points -- 36 separate AirSnarfing, or impersonation Impersonation Patroclus wore the armor of Achilles against the Trojans to encourage the disheartened Greeks. [Gk. Lit.: Iliad] Prisoner of Zenda, The of the Hotspot, attacks -- 15 individual Hotspotter attacks -- Three large mesh networks with an average of 10 personal computers connected to each -- One attack on the closely situated Sears Service Toolbox (SST-PR-1) "The MAC spoofing (1) Faking the sending address of a transmission in order to gain illegal entry into a secure system. See e-mail spoofing. (2) Creating fake responses or signals in order to keep a session active and prevent timeouts. and ad hoc networks should be of great concern to attendees," said Anil Khatod, chief executive officer of AirDefense. Because of the limited access points available for use at the show, attendees took to their own means and established unsecured connections that put their corporate networks at risk." On Monday AirDefense announced its new Bluetooth monitoring tool, AirDefense BlueWatch(TM). During the first day of the show, AirDefense noted 249 Bluetooth devices, the majority of them being cell phones and PDAs. The devices launched 180 BlueJack attacks and 15 BlueSnarf attacks, both enabling unauthorized users to gain access to the devices for potentially harmful purposes, including downloading address books, email and capturing other corporate information. "The large number of Bluetooth devices found substantiates AirDefense's move to secure the Bluetooth space," said Khatod. "Organizations need to be aware of the additional vulnerabilities Bluetooth devices create on the network. Using AirDefense Enterprise and AirDefense BlueWatch, organizations will have a more accurate view into the usage of their networks and can better pinpoint vulnerabilities, set tighter policies and monitor for the enforcement of those policies." About AirDefense, Inc. AirDefense is a thought leader and innovator of wireless LAN security and operational support solutions. Founded in 2001, AirDefense pioneered the concept of 24x7 monitoring of the airwaves and now provides the most advanced solutions for rogue WLAN See wireless LAN. WLAN - wireless local area network detection, policy enforcement, intrusion protection and monitoring the health of wireless LANs. Based on a secure appliance and remote sensors, AirDefense solutions scale to support single offices, corporate campuses or hundreds of locations. Blue chip companies and government agencies rely upon AirDefense solutions to secure and manage wireless LANs around the globe. For more information, go to www.airdefense.net. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion