Network security managers beware: Hackers have turned their attention to 802.11 wireless LANs and are developing new attacks that put your information assets at risk. However, wireless LANs can be secured with a layered approach to security that goes beyond standard encryption and authentication to include 24x7 monitoring and intrusion protection.

At the early August DefCon X hacker conference in Las Vegas, AirDefense sampled the traffic from the convention's wireless LAN over a 2-hour period and identified more than 10 new types of attacks on 802.11 wireless LANs.

"As wireless LANs spread throughout businesses, hackers are honing their skills to compromise those networks," said Fred Tanzella, chief security officer of AirDefense Inc. "Despite the continuing development of new threats, wireless LANs can be secured as long as security managers implement a comprehensive set of security solutions."

During the 2 hours in which it monitored the wireless LAN at the hacker convention, the AirDefense WLAN security appliance generated over 13,000 alarms from a minute-by-minute account of all wireless attacks and threats.

"The high number of alarms is attributed to the hostility of the network - not false positives. The wireless LAN at DefCon X could have been the most hostile wireless network ever seen. Enterprise wireless LANs likely will not experience the ferocity seen at DefCon, but businesses can protect their networks from these types of attacks," Tanzella said.

AirDefense identified 8 sanctioned access points, 35 rogue access points and more than 800 different station addresses. AirDefense's 802.11 security experts estimate that 200 to 300 of the station addresses were fakes because only about 350 people were in the WLAN network room at a single time.

AirDefense discovered 115 peer-to-peer ad hoc networks and identified 123 stations that launched a total of 807 attacks during the 2 hours.

Among the 807 attacks:

	490 were wireless probes from tools such as Netstumbler, which were used to scan the network and determine who was most vulnerable to greater attacks;
	190 were identity thefts, such as when Media Access Control (MAC) addresses and Service Set Identifiers (SSIDs) were spoofed to assume the identity of another user;
	100 were varying forms Denial-of-Service attacks that either (1) jammed the airwaves with noise to shut down an access point, (2) targeted specific stations by continually disconnecting them from an access point or (3) forced stations to route their traffic through other stations that ultimately did not connect back to the network; and
	27 attacks came from out-of-specification management frames where hackers launched attacks that exploited 802.11 protocols to take over other stations and control the network.

Of the more than 10 new types of attacks identified by AirDefense, the company's 802.11 security experts determined that many were new forms of Denial-of-Service attacks but an apparent danger came from the growing number of ways in which hackers have learned to abuse 802.11 protocols.

"By detecting unknown attacks, AirDefense proved that security can stay ahead of the latest threats from hackers," said Scott Hrastar, chief technology officer and vice president of engineering at AirDefense. "Because AirDefense's intrusion protection does not rely solely upon attack signatures, we were able to detect new attacks that misuse and abuse 802.11 protocols."

AirDefense's Multi-Dimensional Detection Engine analyzes threats to identify security breaches based on: Signature analysis, Policy compliance, Protocol assessment and Statistically anomalous behavior.

Learn more....

To learn more about WLAN security risks and defenses, AirDefense offers flexible programs to meet your needs:

1. White paper to read at your leisure.

2. Free 1-hour Webinar.

3. Free 3-hour live seminar.

4. 3-Day hands-on training course.

Home | Contact Us | More Info | Careers | Webmaster

Copyright 2001, 2002 AirDefense, Inc. All Rights Reserved.
Privacy Policy | Legal Notice