Archive for the ‘Wi-Fi’ Category

If you’re heading down to Orlando in April for InfoSec World, please consider checking out the demo session on auditing wireless networks that I’m doing with Lisa Phifer.

Using Free Tools to Assess and Audit Your Wi-Fi Network
Lisa A. Phifer, President, Core Competence, Inc.
Diana Kelley, Partner, SecurityCurve

Date: Monday, 19 April 2010
Time: 10:30am – 12pm

• Business justification for a Wi-Fi vulnerability assessment (VA)
• The Wi-Fi VA lifecycle: plan, scan, validate, remediate
• How to build your own Wi-Fi VA toolkit without spending a bundle
• Using free tools to pinpoint Wi-Fi network vulnerabilities (live demo)
• Applying lessons learned to improve your network’s security posture

“During Q2, worldwide shipments of 802.11-based kit were up six per cent on the first quarter’s figure and a massive 69 per cent up on the same period last year.

However, Wi-Fi revenues totalled $149 million during the quarter up just two per cent from Q1’s total of $146 million, and ten per cent above Q2 2002’s $134.1 million.”

In other words, more units are shipping, but the competitive price pressures are shrinking the profit margin. Good news for buyers. And an indicator that the major manufacturers of wi-fi products, such as Cisco and Netgear, will probably continue to have an edge over niche competitors. When profit margins go down, the ability to ship more units becomes critical.

Wireless IDS vendor, AirDefense, released a version of their intrusion detection software that supports 802.11g (or Airport Extreme for Mac OS users) this week.

The company also enhanced their product with the ability to push policies to remote access points and graphical mapping of the wireless network.

Tools that map wireless networks are welcome in the market. Not only do they offer a snapshot of the known wireless LAN, but they can also be used to compare against the expected topology to ferret out rogue access points.

The Register has an article up commenting on Intel/Linksys’ (now owned by Cisco) announcement of the “Verified with Intel Centrino mobile technology” label. Whether the announcement is truly a bid from Intel and Cisco to replace the functionality of the WiFi Alliance with a more vendor specific approach remains to be seen. But the article does raise some interesting points.

The third World War Drive, organized by the WWWD is in process with findings to be presented at DefCon in Las Vegas later this month.

But what exactly is a ‘war drive’ and do you care? “War Driving” is the process of driving around with a client device such as a laptop or PDA with an installed WNIC (wireless NIC) , ‘detection software’ – software, such as NetStumbler, and, usually, a high gain antenna, searching for wireless Access Points. War driving goes on all the time these days, but the WWWD actually goes to the next step by organizing the information and presenting their findings.

Wired went along with a few of the war drivers and reported, “In just 40 minutes, we logged nearly 400 access points, and many were unsecured.” The unsecured part is the important one. Access Points are detectable because they need to be available to authorized users. Finding an Access Point isn’t the problem, the concern here is finding an unprotected AP that allows unauthorized users to ‘hop on’ to the internal network.

So should you care? In a word, yup. But not just about the WWWD, about war driving and the security of your Access Points in general. In fact, try war driving against your own wireless network. If you can get into your network via an unsecured AP so can an attacker. So do your own driving, or the foot based equivalent- ‘war walking’, i.d. your available Access Points and lock them down. There are a number of ways to prevent unwanted access- such as MAC ACLs and 802.1x/EAP authentication. Take precautionary measures so that when the war drivers come around although they may be able to find your access point, they won’t be able to get on it.

“Wi-Fi is hot, but it’s not the only wireless network in town. To help integrate and manage the variety of wireless platforms and protocols available to enterprise users, several vendors are readying WLAN products that support not only Wi-Fi but Bluetooth and WANs as well.

At the 802.11 Planet show here last week, Red-M Communications Ltd. introduced Red-Alert, a wireless probe that detects unauthorized 802.11 and Bluetooth signals and runs on the Red-Access box.”

More woes for Intel’s Centrino with VPNs. Originally, reports were that using Centrino with only the Nortel VPN caused a Blue Screen of Death on Windows clients. But it appears the problem may be even larger and affect VPNs from other vendors as well.

Intel’s recommendation is for users to disable the Adapter Switching Feature – that’s the one that supports automatic roaming between hotspots.

Hmmmm, interesting advice from a company that claims Centrino was “built from the ground up for mobility”

While most WLAN switch vendors, such as Aruba, Symbol, and Trapeze are going direct after the WLAN market, Cisco has announced WLAN management features for their existing switching products.

Sounds great, especially for enterprises already invested in Cisco switch solutions. But hold on, there’s a bit more to the story. The Cisco WLAN switch works with ‘more intelligent’ versions of the Cisco Aironet AP. What about companies that have already invested in other mfs’ APs? Or that want to use a heterogenous mix of thin APs in their WLAN?

The Cisco solution looks like something Cisco heavy shops might want to explore. But if you want to keep your AP options open and flexible investigate the AP neutral switch vendors and think twice before selecting a solution that locks you into only one vendor’s AP offering.

Nokia has announced they’ll start shipping Wi Fi capability on their phones.

In a recent email, Lisa Phifer writes:

“Sometime last week my neighbor installed a new AP, so when AirDefense spotted it, it was news to me. That prompted me to take a little drive around the neighborhood, AirMagnet in hand. Would you believe that the highest concentration of WLANs is on my little street (6 homes out of 32 in the neighborhood) – and that’s not counting my own APs? The encouraging news is that several are using WEP and/or MAC ACLs. In the past, I’ve seen mostly wide-open APs in residential neighborhoods. Perhaps there IS hope for security after all!”

Hopefully this indicates a general trend and home users (and corporations!) are getting the message about taking some basic security measures to protect their WLANs.