An interesting survey on PCI DSS compliance was recently published by the Ponemon Institute. There are many interesting findings in the survey some of which I summarize here. One thing that strongly comes out is that though PCI DSS compliance is perceived as contributing to an organization’s security posture, cost factors are pestering. 60% of the… Read More
Archives for September 2009
One critical requirement from wireless intrusion prevention system (WIPS) is that it should offer robust protection against rogue wireless access points. The protection should entail instant detection followed by automatic blocking (prevention). Rogue AP detection should be free from false alarms – both on positive and negative sides. Rogue AP means unauthorized AP wired to… Read More
Finally the news that everybody in the WiFi world has been waiting for! Exactly six years after the 802.11n task group was formed, 802.11n got the final ratification as IEEE standard last Friday. It has also been reported that 802.11w (protection for 802.11 management frames) was also approved as a standard in the IEEE Standards Board meeting. If you… Read More
When talking about wired security, enterprise IT administrators talk about multiple layers of defense such as internet firewalls, VPNs, admission control, email filtering, content filtering, web application scanning and many others. However, when considering the security of a wireless network, the same enterprise IT administrators are content with the basic security provided as a part of wireless LAN infrastructure by vendors such as Cisco Systems and Aruba Networks. This is a flawed security practice.
A Wireless Intrusion Prevention System (WIPS) must be installed as a strong inner layer of defense when hackers penetrate the basic security built into the wireless LAN infrastructure. Additionally, the WIPS and the WLAN infrastructure should be sourced from different vendors to ensure non-overlapping weaknesses and hence, strong security. A WIPS combined with WLAN infrastructure from different vendors enables a strong wireless security posture for an organization.
The recently announced improved version of the original Beck-Tews attack on WPA/TKIP appears to have put the wireless security community in a tizzy again. In this post, I argue that the new attack is neither groundbreaking in academic terms, nor is it more worrying in practical terms. The proposed attack assumes (somewhat unrealistically) that the… Read More
Security is hard to get right and shortcuts — be it coding shortcuts or design shortcuts – come back and haunt the product designers when the rubber hits the road. The recently discovered “skyjacking” vulnerability of the Cisco LAPs seems to be a classic example. The “Over The Air Provisioning” (OTAP) feature allows an out-of-the-box… Read More
Rouge AP is an unauthorized AP connected to enterprise wired network. It can allow access to the enterprise wired network from its RF spillage outside of the premises. While it is well established in the mainstream that wired-wireless correlation is the only robust technique to detect such rogue APs, there also have been some wireside-only… Read More