Posted by: KevinBeaver
Kevin Beaver, Security, Wireless in 2010
AirMagnet recently released a whitepaper entitled Wireless Clients in the Crosshairs that delves into the subject of client-side vulnerabilities and wireless intrusion prevention systems (WIPS).
The paper focuses on one of the greatest problems we see with wireless networks, yet something that doesn’t get the attention it deserves. I like this line from the introduction: “wired security systems do little to protect against this over-the-air malicious traffic.” True, true – something that’s often overlooked. The paper goes on to say “the majority of Wi-Fi threats occur, and are only detectable, in the air, and the majority of evolving hacks and vulnerabilities revolve around end-user client devices, not enterprise APs.”
This is actually something I’ve seen over the years whereby the focus has been on the APs, similar to the original focus we had on firewalls when it came to network security. As wireless networks have matured, it’s no longer enough to focus on vulnerable or rogue APs alone. Instead, we have to look at everything, end to end.
The paper also covers the wireless hacking tools KARMA and MDK3 – both of which can spell bad news for your airwaves. Overall, the paper doesn’t take the same old approach to locking down the airwaves but instead talks about wireless network threats that we still have – even with all the fancy encryption and related security controls at our disposal – and how WIPS can lock things down once and for all. Definitely worth checking out.
Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. He can be reached through his website at www.principlelogic.com.