He's been investigating wireless security and one of the results of his research has been the whitepaper "Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection".
The paper reviews some of the tactics used in wireless LAN network discovery and attempts to identify some of the fingerprints left by wireless LAN discovery applications, focusing on the MAC and LLC layers.
In your opinion, what events in the field of wireless security have marked this year?
Top 4 list of notable wireless security events:
- Involvement with US federal agencies trying to help administrators secure their wireless networks while identifying insecure wireless networks as a threat to US national security.
- Marked increase in 802.11 attack tools designed specifically to make it easier for an attacker to compromise wireless networks.
- Every major media outlet running stories on wardriving, warwalking, warbiking, warflying, warspelunking, etc. This has had both a positive and negative effect for the wireless and information security industries.
- WiFi certifying 802.11 wireless cards as "secure", WPA. Significant development toward a ratified task group i standard (802.11i).
The unauthorized use of network resources is a problem for any organization. I believe the stories and dramatic sound bytes about warchalking and wardriving has been more of a benefit to improving the security of wireless networks than a detriment. Without the news stories covering wardriving in cities throughout the globe, I don't believe as many CIOs would recognize wireless security as a significant problem. Phrases like "parking-lot attacks" didn't catch as much glitz as "wardriving" in previous years. Now people recognize at least the threat of insecure wireless networks - even if they aren't taking steps to protect their infrastructure.
Will there be a slowdown in acceptance of wireless technology in the corporate environment in 2003 because of increased security concerns?
Wireless network deployment will continue to grow with increasingly rapid deployment in specific vertical markets such as the medical industry. I believe all markets will continue to expand their deployments, although the growth will be reduced due to security concerns and capital constraints.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.