The Hunt for Rogue October

The Hunt for Rogue October by Rick Farina via AirTight blog

Rick Farina describes his Wi-Fi investigations at Wireless LAN Professionals Conference Europe in Maastricht, Netherlands 2014. WIPS   Read more

Wire-Side Containment – Hidden Gem of Rogue Access Point Protection

Wire-Side Containment - the Hidden Gem of Rogue Access Point Protection | by Hemant Chaskar via Airtight blog

The FCC’s decision to fine Marriott Hotels for unscrupulous Wi-Fi containment practices has set off numerous debates around the use of unlicensed spectrum. Many in the WLAN community have posted their interpretation of the decision and recommended best practices moving forward (see references below). Twitter debates have abounded as well. These parleys have focused on topics ranging from performance, to security, and monetization.
That being said, in the domain of security and PCI compliance, there is one Wi-Fi containment feature that hasn’t been mentioned, but deserves a shout-out as it is still very effective and virtually unperturbed by these events. It is called “wire-side containment”.   Read more

SMBs, WEP still a target for War Drivers

After the TJX breach, the PCI security council strengthened their wireless security standard in an attempt to prevent such catastrophic incidents from reoccurring.  While some of the largest retailers strengthened their wireless security, small and medium businesses need to take a look at their own security practices because they are just as susceptible, maybe more. … Read More

Are smartphones outsmarting your network security?

If you are concerned about the proliferation of smart devices (Iphones, Droids, tablets) and the impact on your network security, then this is a “can’t miss” webinar. The inability to detect and block unauthorized personal devices from attaching to your network puts your business at risk. AirTight CTO and Founder Pravin Bhawat discusses the challenges with mobile device management and the limitations of existing wireless network security measures.   Read more

Goodbye, WEP & TKIP

Wireless Threats cannot be solved by conventional security mechanisms

Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be… Read More

Humpty Dumpty sat on a wall…

False sense of security

Every now and then we run into network administrators and CSOs that brag about how their organization is not vulnerable to wireless security threats, only to see their rash confidence fizzle out once the results from a wireless vulnerability assessment or penetration test are out. Today, most are aware that Open WiFi on enterprise network… Read More

Why Wireless Handheld Audits Do Not Equal Security

Executive Summary

Without a viable alternative, wireless security auditors had to conduct audits by traipsing around a facility with a handheld scanning device — a time consuming and labor intensive activity. That practice is plagued by many drawbacks that greatly limit the effectiveness and efficiency of wireless security audits. Even with expensive commercial products, handheld wireless audits are cumbersome and error-prone. The use of free scanning tools only exacerbates the problem. And the man-hours and travel expenses incurred per audit negatively impact productivity.
This paper describes a new hosted service architecture offered by AirTight Networks that enables effortless, automated wireless security audits from anywhere on the Internet, anytime. No more “walk arounds.” Plug-and-play wireless scanners onsite scan round-the-clock without human intervention, and securely communicate with a central server hosted on the Internet in a secure data center. The central server analyzes the data with an up-to-date wireless vulnerability database and assesses the wireless security posture or compliance of a network. Rich vulnerability assessment and compliance reports can be generated on demand with just a mouse click. Now finally, auditors can do a large number of wireless security audits accurately and cost-effectively in very little time.
AirTight Networks’ SpectraGuard® Online is the world’s first and only wireless vulnerability management offered as a hosted service. For wireless security auditors, SpectraGuard Online can bring:
• more revenue per customer;
• the ability to serve many more customers simultaneously; and
• low touch engagements.

  Read more