Archive

Posts Tagged ‘WEP’

Goodbye, WEP & TKIP

June 18th, 2010
No comments
Ban of WEP & TKIP

Ban of WEP & TKIP

Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be disallowed on all Wi-Fi devices. This is the good news. But, let us also get to the “bad” news.

 

Read more…

Post to Twitter Post to Yahoo Buzz Post to Delicious Post to Digg Post to Ping.fm Post to Reddit Post to StumbleUpon

K N Gopinath PCI, Wireless scanning, Wireless security , , , , ,

WiFish Finder: WiFi Honeypot vulnerability assessment made simple

August 2nd, 2009
No comments

What % of WiFi laptop users in your organization are vulnerable to WiFishing attacks? The odds are very high that you don’t have an exact answer.

 

WiFish Finder is a tool for assessing whether WiFi devices active in the air are vulnerable to ‘Wi-Fishing’ attacks. Assessment is performed through a combination of passive traffic sniffing and active probing techniques. Most WiFi clients keep a memory of networks (SSIDs) they have connected to in the past. Wi-Fish Finder first builds a list of probed networks and then using a set of clever techniques also determines security setting of each probed network. A client is a fishing target if it is actively seeking to connect to an OPEN or a WEP network. Clients only willing to connect to WPA or WPA2 networks are not completely safe either!

 

To find out why – you’r welcome to try out WiFish Finder a vulnerability assessment tool built by Sohail and Prabhash, members of security research team at AirTight Networks. Sohail is presenting WiFish Finder at DefCon 2009 today. Demo version of this tool (Version 1.0) can be downloaded from http://airtightnetworks.com/fileadmin/downloads/WiFishFinder-v0.1.zip

 

Sohail is also planning to release WiFish Finder Ver 2.0 with speed, usability and feature enhancements (such as PEAP vulnerability detection) upon his return from Las Vegas. To download full featured version of WiFish Finder and for tips on protecting your laptop from Wi-Fishing attacks, visit http://www.airtightnetworks.com/wifishfinder.This URL will be operational in 4-5 days.

 

What % of WiFi laptop users in your organization are vulnerable to WiFishing attacks? Well, you only have to wait another 4-5 days to find out the answer!

 

-*- Pravin -*-

Post to Twitter Post to Yahoo Buzz Post to Delicious Post to Digg Post to Ping.fm Post to Reddit Post to StumbleUpon

Pravin Bhagwat Best practices, Wireless scanning, Wireless security , , , , , , , , ,