The Hunt for Rogue October

The Hunt for Rogue October by Rick Farina via AirTight blog

Rick Farina describes his Wi-Fi investigations at Wireless LAN Professionals Conference Europe in Maastricht, Netherlands 2014. WIPS   Read more

Wire-Side Containment – Hidden Gem of Rogue Access Point Protection

Wire-Side Containment - the Hidden Gem of Rogue Access Point Protection | by Hemant Chaskar via Airtight blog

The FCC’s decision to fine Marriott Hotels for unscrupulous Wi-Fi containment practices has set off numerous debates around the use of unlicensed spectrum. Many in the WLAN community have posted their interpretation of the decision and recommended best practices moving forward (see references below). Twitter debates have abounded as well. These parleys have focused on topics ranging from performance, to security, and monetization.
That being said, in the domain of security and PCI compliance, there is one Wi-Fi containment feature that hasn’t been mentioned, but deserves a shout-out as it is still very effective and virtually unperturbed by these events. It is called “wire-side containment”.   Read more

Blackhat Wi-Fi Security Reports and Nuances of Detection Methods

blackhat USA 13

| Shortly following the conclusion of Blackhat’13, a few articles came out reporting wireless scanning data from the venue.   Inside the Black Hat 2013 Wi-Fi Network   Karma is a …Errr, What We Learned at BlackHat 2013    Both reports state that many security relevant events were detected in the Wi-Fi traffic during the… Read More

How “soft APs” can create “soft spots” in your network security

In several of my recent wireless scanning exercises, I have encountered soft APs much more often than before. In one case, it was an employee who returned from business trip who had used USB WiFi AP in hotel to share his Internet connection with fellow workers (well, they did not all want to pay $5… Read More

Ugly, Bad and Good of Wireless Rogue Access Point Detection

Classification

One critical requirement from wireless intrusion prevention system (WIPS) is that it should offer robust protection against rogue wireless access points. The protection should entail instant detection followed by automatic blocking (prevention). Rogue AP detection should be free from false alarms – both on positive and negative sides. Rogue AP means unauthorized AP wired to… Read More

Is skyjacking a mere DoS threat against Cisco WLAN?

Skyjacking vulnerability which allows Cisco LAP to be diverted to connect to rogue controller by manipulating OTAP could be more dangerous than what has been clarified by Cisco in its advisory. The advisory says that “An exploit could prevent the device from functioning properly, resulting in a DoS condition. There is no risk of data loss… Read More