Enterprise IT Watch Blog

Aug 30 2010   3:32PM GMT

WIPS is better than WHOOPS

Kevin Beaver Kevin Beaver Profile: Kevin Beaver


AirMagnet recently released a whitepaper entitled Wireless Clients in the Crosshairs that delves into the subject of client-side vulnerabilities and wireless intrusion prevention systems (WIPS).

The paper focuses on one of the greatest problems we see with wireless networks, yet something that doesn’t get the attention it deserves. I like this line from the introduction: “wired security systems do little to protect against this over-the-air malicious traffic.” True, true – something that’s often overlooked. The paper goes on to say “the majority of Wi-Fi threats occur, and are only detectable, in the air, and the majority of evolving hacks and vulnerabilities revolve around end-user client devices, not enterprise APs.”

This is actually something I’ve seen over the years whereby the focus has been on the APs, similar to the original focus we had on firewalls when it came to network security. As wireless networks have matured, it’s no longer enough to focus on vulnerable or rogue APs alone. Instead, we have to look at everything, end to end.

The paper also covers the wireless hacking tools KARMA and MDK3 – both of which can spell bad news for your airwaves. Overall, the paper doesn’t take the same old approach to locking down the airwaves but instead talks about wireless network threats that we still have – even with all the fancy encryption and related security controls at our disposal – and how WIPS can lock things down once and for all. Definitely worth checking out.

Kevin Beaver is anĀ independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. He can be reached through his website at www.principlelogic.com.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: