He's been investigating wireless security and one of the results of his research has been the whitepaper "Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection".
The paper reviews some of the tactics used in wireless LAN network discovery and attempts to identify some of the fingerprints left by wireless LAN discovery applications, focusing on the MAC and LLC layers.
In your opinion, what events in the field of wireless security have marked this year?
Top 4 list of notable wireless security events:
- Involvement with US federal agencies trying to help administrators secure their wireless networks while identifying insecure wireless networks as a threat to US national security.
- Marked increase in 802.11 attack tools designed specifically to make it easier for an attacker to compromise wireless networks.
- Every major media outlet running stories on wardriving, warwalking, warbiking, warflying, warspelunking, etc. This has had both a positive and negative effect for the wireless and information security industries.
- WiFi certifying 802.11 wireless cards as "secure", WPA. Significant development toward a ratified task group i standard (802.11i).
The unauthorized use of network resources is a problem for any organization. I believe the stories and dramatic sound bites about warchalking and wardriving have been more of a benefit to improving the security of wireless networks than a detriment. Without the news stories covering wardriving in cities throughout the globe, I don't believe as many CIOs would recognize wireless security as a significant problem. Phrases like "parking-lot attacks" didn't catch as much glitz as "wardriving" in previous years. Now people recognize at least the threat of insecure wireless networks - even if they aren't taking steps to protect their infrastructure.
Will there be a slowdown in acceptance of wireless technology in the corporate environment in 2003 because of increased security concerns?
Wireless network deployment will continue to grow with increasingly rapid deployment in specific vertical markets such as the medical industry. I believe all markets will continue to expand their deployments, although the growth will be reduced due to security concerns and capital constraints.
What are your predictions for the future when it comes to wireless security?
- Continued development of 802.11 attack tools. I expect to see major announcements from 802.11 card manufacturers providing software updates to mitigate the impact of denial-of-service tools becoming widely available.
- More growth in the proprietary point-solution market for wireless security. Vendors such as BlueSocket and Vernier provide appliances that allow an administrator to combine the best of standards-based protocols (VPN, 802.1x) with proprietary hardware appliances in an easy-to-deploy architecture.
- Wireless security certifications; vendor-neutral groups training and testing administrators on the technologies, problems and solutions surrounding wireless security.
- Combined solutions to secure wireless networks - it will be more common to see deployments of PEAP + WPA + 802.11i + VPN + 802.1x for enterprises that require authorized, authenticated and privatized wireless networks for a wide range of clients. There will still be a lot of SSID=linksys, WEP=no too.