If you are concerned about the proliferation of smart devices (Iphones, Droids, tablets) and the impact on your network security, then this is a “can’t miss” webinar. The inability to detect and block unauthorized personal devices from attaching to your network puts your business at risk. AirTight CTO and Founder Pravin Bhawat discusses the challenges with mobile device management and the limitations of existing wireless network security measures.
Great webinar yesterday hosted by QSR Magazine featuring Yum Brands, Restaurants Unlimited and AirTight Networks. Very insightful discussion with a couple forward thinking enterprises when it comes to deploying Wi-Fi in their restaurants, but the conversation is applicable to any retail environment really. Clearly security and PCI compliance are still top of mind where wireless is concerned as expressed by the panelists as well as the research presented by AirTight Networks. Over a period of 6 months, AirTight conducted a study of 725 retail networks and amazingly 24% of the still had at least one incidence of a rogue AP on the network, while 33% presented unsecure APs on the network. 68% of the networks studied has at least one wireless client vulnerability.
The recorded webinar is available here.
The WiFi snooping row Google has gotten itself into seems to be far from over. In April, Google revealed that its Street View cars had been collecting basic data such as the MAC addresses and SSIDs of WiFi networks in the vicinity. But after German authorities asked Google to audit the data, it admitted to have been “mistakenly” snooping payload data from Open WiFi networks. Apparently, a piece of WiFi data analysis code, written by Google engineers back in 2006, was part of the software used by the Street View cars, in turn leading to the WiFi snooping (of about 600 GB of data across 30 countries!). Read more…
With more enterprises deploying wireless LANs and employee-owned WiFi devices flooding enterprises, wireless LAN forensics is becoming a key component of any network forensic audit — whether to prove compliance with a regulation such as PCI DSS or in response to a security incidence. But wireless presents unique challenges to forensic audits.
Last month, at RSA 2010 conference in San Francisco, I had the oppourtunity to discuss this issue with experienced auditor and certified PCI QSA Jim Cowing. Here you can view the video recording of an abridged version of our RSA 2010 talk “Anatomy of a Forensic Audit: How Wireless Changes the Game.”
Let me summarize the highlights from the talk: Read more…
We often hear that WiFi network performance degrades due to radio interference. We also hear that interference is a complex beast which cannot be easily tamed. There are two types of interference sources which affect WiFi network performance – non-WiFi sources and WiFi sources. This post provides a guide to some practical steps to combat often cited non-WiFi interference sources such as microwave oven, Bluetooth, baby monitors, cordless phones, wireless cameras and jammers. The WiFi interference sources will be discussed in later post.
Overall, some awareness of environment around WiFi network coupled with some simple network planning steps can help win over non-WiFi interference to great extent. Additionally, ability to detect high interference levels on WiFi channels helps detect “unmanaged” sources of interference such as jammer or any unknown source. Many WLAN and wireless security systems today have ability to monitor interference levels on channels on 24×7 basis to facilitate such detection.
Every now and then we run into network administrators and CSOs that brag about how their organization is not vulnerable to wireless security threats, only to see their rash confidence fizzle out once the results from a wireless vulnerability assessment or penetration test are out.
Today, most are aware that Open WiFi on enterprise network is foolish and using WEP encryption is a bad idea and that WPA2/802.1x is the way to go. Then where do they go wrong?
Much has been said about using ‘Best Practices’ alone to secure enterprise WiFi, including no-WiFi policy. However, as security experts will vouch, most breaches happen because of naive insiders.
Here is a hilarious video that demonstrates the lack of understanding out there regarding WiFi – http://www.youtube.com/watch?v=3cgjvcxn1s4.
Imagine such a person as your employee and ask yourself the following questions.
- Can you expect all your employees to follow the prescribed WiFi best practices?
- Can you be confident that such a person will not connect to a neighboring hotspot, just because his or her desk has spotty WiFi coverage?
- Can you be certain that such a person will not bring in a ‘Linksys’ as advised by the radio host; and plug it into the ethernet under the desk and create a Rogue AP?
- Can you be certain that this person will not connect to both the WiFi and Ethernet at the same time while connected to the hotspot?
If these questions are hard to answer, you must consider Wireless Intrusion Prevention System!
Just how vulnerable are home WiFi networks? With the abundance of news stories about data privacy, hacking attacks, malware, phishing schemes, retail credit card breaches and the like, I am surprised to see such a large number of home users are still either unconcerned or unaware about securing their data. This video from Fox News, Washington DC shows that weak Wi-Fi security is still all too common in many home Wi-Fi networks.
AirTight Networks security analyst Rick Farina is featured showing how just easy it is for a hacker to find unsecured Wi-Fi in a residential neighborhood. Unfortunately, one thing that gets overlooked in these stories is just how often these same home Wi-Fi devices will show up in the corporate networks, unknowingly providing unecumbered access to sensitive data.
Aerohive, Aruba Networks announce cloud based WLAN management services, is wireless vulnerability scanning far behind?
Enterprises, namely SMBs, now have multiple options and price points for managing their wireless networks. We saw this trend about 18 months ago when AirTight decided to release a SaaS verion of our wireless IPS, SpectraGuard Online.
With the introduction of these new offerings, it will be interesting to see if the ASV’s begin to offer wireless vulnerability scanning. They already offer cloud based vulnerability scanning services for the wired network, why not wireless??
Interesting piece on Wi-Fi security on the Today Show this morning. The Today Show aired a piece called “Is your Wi-Fi connection safe?”
The story shows war driving through a residential neighborhood to show that many residential Wi-Fi users still deploy their wi-fi devices without passwords, leaving their connections vulnerable to eavesdropping.
One common Wi-Fi security threat highlighted in this report showed just how easy it is for a hacker to intercept the connection of mobile users connecting to unsecured public Wi-Fi in places like a coffee shop, airport, etc. This is not the first time this subject has been covered. See simlar stories by CNN (August 11, 2009), Fox News (July 12, 2009).
The Today Show should have also included in their report the fact that many Windows based computers cache and probe for previously used wi-fi connections, making users even more vulerable because their computer may be connecting without the users knowledge to a hacker posing as an unsecured hotspot. See the story by Forbes (November 2008).