- 149 network scans from tools such as Netstumbler, Wellenreiter and commercial scanners
- 105 Denial-of-Service attacks that included 27 de-authenticate attacks against stations, 48 de-authenticate attacks against access points, 12 de-authenticate "cloud" attacks, 16 ARP floods and two EAP floods against authentication servers
- 84 identity thefts where user stations spoofed MAC addresses of other stations or access points;
- Three successful Man-in-the-Middle attacks (32 were attempted); and
- Eight instances where malicious stations searched for known exploits in access points.
- 92 did not encrypt or authenticate the WLAN traffic with WEP, 802.1x, LEAP, PEAP or WPA;
- 15 were connected directly into hubs, which caused the access point to openly broadcast all wired traffic into the airwaves;
- 38 were improperly configured with default settings, overlapping channels or conflicting modes of authentication where access points allowed both 802.1x and open authentication;
- 95 experienced excessive network interference which forced the access point to retransmit traffic more than 50 percent of the time; and
- 7 were "softAPs" where laptops were functioning as rogue access points.
- 224 individual stations that scanned the wireless LANs with tools such as Netstumbler and MiniStumbler;
- 16 Denial-of-Service attacks including 8 de-authentication floods against individual stations, 4 disassociate floods against specific access points, 2 broadcast floods with disassociate and de-authenticate commands against access points and 2 DOS Cloud attacks that jammed the airwaves for multiple access points and stations;
- 10 identity thefts from spoofed MAC addresses from stations; and
- 15 IP-based attacks that exposed vulnerabilities on access points.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.