Wi-Fi security has experienced a lot of churn over the last decade. As protocols like WEP and TKIP fell by the wayside, WPA2 emerged as the “Last Wi-Fi Security Protocol Standing.” Wi-Fi Alliance recently announced its plan to phase out WEP and TKIP, promoting WPA2 as the go-to security standard.
With solid protection in the form of AES encryption and 802.1x based authentication, there was no reason to look beyond. WPA2 did its job well keeping the bad guys outside, out of the network. And traditionally that has always been the focus of Wi-Fi security.
But…!
Read More…
Kaustubh Phanse Wireless security Hole196, insider attacks, WPA2
Ban of WEP & TKIP
Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be disallowed on all Wi-Fi devices. This is the good news. But, let us also get to the “bad” news.
Read More…
K N Gopinath PCI, Wireless scanning, Wireless security Rogue AP, TKIP, WEP, WiFi security, Wireless Intrusion Prevention, Wireless security
Last week we saw Google facing legal tangles for “accidental interception” of WiFi signals and this week it was Apple facing “mysterious disappearance” of WiFi signals during iPhone-4 demo at WWDC keynote. So “what’s going on”, does WiFi not like us any more? Well, because these things struck Eric and Steve, we got to hear about them, but in fact they strike Tom, Dick and Harry everyday.
But there is a way out of this WiFi chaos.
Read More…
Hemant Chaskar Wireless scanning, Wireless security iphone 4 wifi, iphone launch wifi, iphone WiFi problem, WiFi performance, WiFi security
The WiFi snooping row Google has gotten itself into seems to be far from over. In April, Google revealed that its Street View cars had been collecting basic data such as the MAC addresses and SSIDs of WiFi networks in the vicinity. But after German authorities asked Google to audit the data, it admitted to have been “mistakenly” snooping payload data from Open WiFi networks. Apparently, a piece of WiFi data analysis code, written by Google engineers back in 2006, was part of the software used by the Street View cars, in turn leading to the WiFi snooping (of about 600 GB of data across 30 countries!).
Read More…
Kaustubh Phanse Best practices, Wireless scanning, Wireless security secure WiFi, WiFi, WiFi hotspot, Wireless security
With more enterprises deploying wireless LANs and employee-owned WiFi devices flooding enterprises, wireless LAN forensics is becoming a key component of any network forensic audit — whether to prove compliance with a regulation such as PCI DSS or in response to a security incidence. But wireless presents unique challenges to forensic audits.
Last month, at RSA 2010 conference in San Francisco, I had the oppourtunity to discuss this issue with experienced auditor and certified PCI QSA Jim Cowing. Here you can view the video recording of an abridged version of our RSA 2010 talk “Anatomy of a Forensic Audit: How Wireless Changes the Game.”
Let me summarize the highlights from the talk:
Read More…
Kaustubh Phanse Best practices, Compliance, PCI, Wireless scanning, Wireless security Forensic audit, PCI DSS, WIPS, Wireless forensics, Wireless Intrusion Prevention
We often hear that WiFi network performance degrades due to radio interference. We also hear that interference is a complex beast which cannot be easily tamed. There are two types of interference sources which affect WiFi network performance – non-WiFi sources and WiFi sources. This post provides a guide to some practical steps to combat often cited non-WiFi interference sources such as microwave oven, Bluetooth, baby monitors, cordless phones, wireless cameras and jammers. The WiFi interference sources will be discussed in later post.
Overall, some awareness of environment around WiFi network coupled with some simple network planning steps can help win over non-WiFi interference to great extent. Additionally, ability to detect high interference levels on WiFi channels helps detect “unmanaged” sources of interference such as jammer or any unknown source. Many WLAN and wireless security systems today have ability to monitor interference levels on channels on 24×7 basis to facilitate such detection.
Hemant Chaskar Best practices, WLAN planning baby monitor, bluetooth, cordless phone, interference, jammer, microwave, oven, spectrum analysis
Wireless PCI Compliance in just 5 Minutes
This new product video from AirTight Networks shows how easy it is to automate your wireless PCI vulnerability scanning. AirTight SpectraGuard Online can be configured and running in as little as 5 minutes and 3 easy steps. AirTight eliminates the need to send staff to remote locations with a mobile analyzer to conduct the routine PCI scan for rogue APs. IT professionals should find this refreshing.
Watch AirTight’s wireless PCI scanning video
Mike Baglietto Compliance, PCI, Wireless scanning, Wireless security PCI
Every now and then we run into network administrators and CSOs that brag about how their organization is not vulnerable to wireless security threats, only to see their rash confidence fizzle out once the results from a wireless vulnerability assessment or penetration test are out.
Today, most are aware that Open WiFi on enterprise network is foolish and using WEP encryption is a bad idea and that WPA2/802.1x is the way to go. Then where do they go wrong?
Read More…
Kaustubh Phanse Best practices, Wireless scanning, Wireless security myths
Wi-Fi security has experienced a lot of churn over the last decade. As protocols like WEP and TKIP fell by the wayside, WPA2 emerged as the “Last Wi-Fi Security Protocol Standing.” Wi-Fi Alliance recently announced its plan to phase out WEP and TKIP, promoting WPA2 as the go-to security standard.
