Karmetasploit: Integrated Tools Lower Bar On Hacking Wireless Clients

Metasploit Framework integrated with KARMA! Metasploit is most potent security penetration and exploit development platform, while KARMA is a potent Evil Twin (Honeypot) tool with attracts unassuming wireless clients. With this integrated tool, it is all the more easier to establish wireless connectivity with probing wireless clients and “Metasploit” them. http://trac.metasploit.com/wiki/Karmetasploit http://blog.trailofbits.com/karma/

For Secure WiFi, Focus on Addressing Building Block Vulnerabilities …

… and Don’t Sweat Chasing Hacking Tool Signatures!   You feel pretty good and more secure when you receive that daily signature update from your anti-virus software. I feel the same and why not – anti-virus technology is fundamentally rooted in signature analysis. But don’t make the mistake of applying the same metric to wireless… Read More

Data Leakage in the Enterprise

Today Network World released an interesting real-life case study of data leakage in the enterprise – refer to http://www.networkworld.com/news/2009/051109-data-leak-audit.html?page=1 The auditor found unencrypted confidential data being sent by internal employees through email & web communication (via the company’s firewall). While customers need to deploy Email & Web DLP systems to protect themselves against these risks they also… Read More

Wireless Vulnerability Study of 7 Financial Districts’ Airspace Reveals Wi-Fi Security Risks

There appears to be a very high incidence of wireless vulnerabilities and poor wireless security practices in the financial districts of seven cities according to the results of a survey released 5/13/09 by AirTight® Networks. AirTight issued the findings of its Financial Districts Scanning Report for wireless security vulnerabilities in the financial districts of New York, Chicago, Boston, Wilmington (DE), Philadelphia, San Francisco and London.   Read more

Clarifying the WIDS/WIPS Jargon – Overlay, Integrated etc.

These days, certain terms are often used to characterize Wireless Intrusion Detection/Prevention System (WIDS/WIPS) architectures – overlay and integrated being most commonly used and that too with variable meanings. This post explains what these terms mean or should mean to be consistent with fundamental underpinnings of WIDS/WIPS architectures and functions.

Intrusion prevention strategies for 11n

Another article in the series by Joanie Wexler. “There are several ways to scan your 802.11n air environment for nasty goings-on. At a glance, the options seem pretty straightforward. However, you need to look carefully under the hood to draw a true apples-to-apples comparison of the accuracy and cost of the various offerings.” http://www.networkworld.com/newsletters/wireless/2009/033009wireless1.html?page=1