Rick Farina describes his Wi-Fi investigations at Wireless LAN Professionals Conference Europe in Maastricht, Netherlands 2014. WIPS Read more
The FCC’s decision to fine Marriott Hotels for unscrupulous Wi-Fi containment practices has set off numerous debates around the use of unlicensed spectrum. Many in the WLAN community have posted their interpretation of the decision and recommended best practices moving forward (see references below). Twitter debates have abounded as well. These parleys have focused on topics ranging from performance, to security, and monetization.
That being said, in the domain of security and PCI compliance, there is one Wi-Fi containment feature that hasn’t been mentioned, but deserves a shout-out as it is still very effective and virtually unperturbed by these events. It is called “wire-side containment”. Read more
The FCC issued an order and consent decree (settlement details) DA 14-1444 in the investigation of Marriott International regarding blocking of personal Wi-Fi hot spots in the conference facilities of the Gaylord Opryland hotel. The FCC imposed $600,000 fine. Read more
| Shortly following the conclusion of Blackhat’13, a few articles came out reporting wireless scanning data from the venue. Inside the Black Hat 2013 Wi-Fi Network Karma is a …Errr, What We Learned at BlackHat 2013 Both reports state that many security relevant events were detected in the Wi-Fi traffic during the… Read More
In several of my recent wireless scanning exercises, I have encountered soft APs much more often than before. In one case, it was an employee who returned from business trip who had used USB WiFi AP in hotel to share his Internet connection with fellow workers (well, they did not all want to pay $5… Read More
One critical requirement from wireless intrusion prevention system (WIPS) is that it should offer robust protection against rogue wireless access points. The protection should entail instant detection followed by automatic blocking (prevention). Rogue AP detection should be free from false alarms – both on positive and negative sides. Rogue AP means unauthorized AP wired to… Read More
Skyjacking vulnerability which allows Cisco LAP to be diverted to connect to rogue controller by manipulating OTAP could be more dangerous than what has been clarified by Cisco in its advisory. The advisory says that “An exploit could prevent the device from functioning properly, resulting in a DoS condition. There is no risk of data loss… Read More