Showcase Wireless LANs at N+I Fall Short of Best Practices, Expose Users


AirDefense Identifies Attacks & Pinpoints Security Holes

LAS VEGAS, NV. - May 8, 2003 - Last week's Networld+Interop trade show was a showcase event for vendors to display the latest wireless LAN technologies, but the conference's 802.11 WLANs exposed more than just new products.

In conducting a 2-hour customer demonstration at the conference, AirDefense deployed just one of its remote sensors to monitor all wireless LAN traffic in the 100,000 square-foot showroom floor. As part of the demonstration, AirDefense recognized multiple network configuration errors on access points and stations that openly exposed network traffic and opened devices to attacks and other security threats.

"While security standards for wireless LANs have advanced for enterprises to safely deploy WLANs, improperly configured devices and access points remain a significant threat," said Pete Lindstrom, a research director with Spire Security. "With all the attention given to the security concerns of wireless LANs, vendors and attendees must have been aware of at least some of the issues. It is surprising that they still had so many discrepancies."

Among the 230 access points that AirDefense identified on the showroom floor:

  • 92 did not encrypt or authenticate the WLAN traffic with WEP, 802.1x, LEAP, PEAP or WPA;
  • 15 were connected directly into hubs, which caused the access point to openly broadcast all wired traffic into the airwaves;
  • 38 were improperly configured with default settings, overlapping channels or conflicting modes of authentication where access points allowed both 802.1x and open authentication;
  • 95 experienced excessive network interference which forced the access point to retransmit traffic more than 50 percent of the time; and
  • 7 were "softAPs" where laptops were functioning as rogue access points.

Wireless LAN security concerns also extended to the 824 stations and devices that were identified by AirDefense during the 2-hour period. Some of the most alarming vulnerabilities included 28 individual stations that were configured with open SSIDs, which forced the station to connect to the access point with the strongest signal strength. These stations had no control over which networks they connected to and could have been easily duped into communicating with malicious hackers.

Other concerns among the stations and devices included 72 stations that broadcast probes looking for networks that were not at N+I. Twenty-four of these stations probed for all access points with which they had previously connected. Many of the SSIDs of these non-present access points could be identified as corporate networks on wireless LAN mapping sites, such as www.wigle.net. Potential hackers could easily steal the identities of these stations and then access the corporate networks.

In addition, AirDefense identified 30 stations that were configured for ad hoc, peer-to-peer networking and 14 actual ad hoc networks. These direct connections between devices allow for easy file sharing but offer little security or authentication. An executive's laptop in ad hoc mode opens the door for a hacker to connect to the laptop without the owner's knowledge, access all shared files and launch direct attacks.

AirDefense also identified attacks and suspicious events on the wireless LANs at Networld+Interop. These hacks and events included:

  • 224 individual stations that scanned the wireless LANs with tools such as Netstumbler and MiniStumbler;
  • 16 Denial-of-Service attacks including 8 de-authentication floods against individual stations, 4 disassociate floods against specific access points, 2 broadcast floods with disassociate and de-authenticate commands against access points and 2 DOS Cloud attacks that jammed the airwaves for multiple access points and stations;
  • 10 identity thefts from spoofed MAC addresses from stations; and
  • 15 IP-based attacks that exposed vulnerabilities on access points.

"AirDefense recognized these attacks and configuration errors only by monitoring the airwaves," said Jay Chaudhry, chairman and CEO of AirDefense. "With 24x7, real-time vigilance of all wireless LAN activity, enterprises are able to identify security vulnerabilities and network policy violations and can then take action to correct the problem."


About AirDefense, Inc.
AirDefense provides the ultimate security for 802.11 wireless local-area networks with intrusion detection and security solutions that discover vulnerabilities, protect against attacks and monitor the health of wireless LANs. Together with advanced encryption and authentication, AirDefense is a key element of wireless LAN security by statefully monitoring and protecting wireless LAN airwaves. Atlanta-based AirDefense incorporates innovative and patent-pending state-analysis and multi-dimensional detection engines. For more information, go to www.airdefense.NET or call 770.663.8115.

Media Contacts:

Brian Moran
AirDefense, Inc.
877.220.8301 x 110
770.663.8115 x 110
bmoran@airdefense.net

###

AirDefense is a registered trademark of AirDefense, Inc. All other trademarks are property of their respective owners.
