Lack of Security at Wireless Conferences
by Berislav Kucan - Wednesday, 6 August 2003.
During the 802.11 Planet Expo in Boston, wireless security company AirDefense monitored WLAN activity and published their findings in the July 2003 edition of WLAN Watch newsletter. These are some of the fun facts AirDefense stumbled across. Suspicious and malicious activity at the 802.11 Planet Expo included:
  • 149 network scans from tools such as Netstumbler, Wellenreiter and commercial scanners
  • 105 Denial-of-Service attacks that included 27 de-authenticate attacks against stations, 48 de-authenticate attacks against access points, 12 de-authenticate "cloud" attacks, 16 ARP floods and two EAP floods against authentication servers
  • 84 identity thefts where user stations spoofed MAC addresses of other stations or access points;
  • Three successful Man-in-the-Middle attacks (32 were attempted); and
  • Eight instances where malicious stations searched for known exploits in access points.
Among the 230 access points that AirDefense identified on the showroom floor:
  • 92 did not encrypt or authenticate the WLAN traffic with WEP, 802.1x, LEAP, PEAP or WPA;
  • 15 were connected directly into hubs, which caused the access point to openly broadcast all wired traffic into the airwaves;
  • 38 were improperly configured with default settings, overlapping channels or conflicting modes of authentication where access points allowed both 802.1x and open authentication;
  • 95 experienced excessive network interference which forced the access point to retransmit traffic more than 50 percent of the time; and
  • 7 were "softAPs" where laptops were functioning as rogue access points.
AirDefense also identified attacks and suspicious events on the wireless LANs at Networld+Interop.
  • 224 individual stations that scanned the wireless LANs with tools such as Netstumbler and MiniStumbler;
  • 16 Denial-of-Service attacks including 8 de-authentication floods against individual stations, 4 disassociate floods against specific access points, 2 broadcast floods with disassociate and de-authenticate commands against access points and 2 DOS Cloud attacks that jammed the airwaves for multiple access points and stations;
  • 10 identity thefts from spoofed MAC addresses from stations; and
  • 15 IP-based attacks that exposed vulnerabilities on access points.

Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //