Las Vegas- May 13, 2004 - Day two of NetWorld + Interop brought a crowded spectrum making it harder for attendees to connect to the conference wireless LAN as compared to day one, noted AirDefense the leader in 24x7 wireless security monitoring. There was also increase in MAC spoofing, Soft APs, ad hoc networks and Denial of Service attacks.

AirDefense continued its study of the airwaves in the exhibit hall stating nearly 40 percent fewer wireless devices than day one, but with an increased ratio of malicious activity from attendees. The number of access points (APs) remained similar. Once again less than half of the access points had stations connect to them, contributing to poor network performance.

"The RF spectrum today was worse than yesterday," said Richard Rushing chief security officer of AirDefense. "Although some exhibitors switched to less popular channels or even to the cleaner A spectrum, the 'Good Neighbor' wireless policy only prompted attendees to turn up the power of their access points making it more difficult for attendees to communicate."

AirDefense noted an increase in unsecured connections to Hotspots, up three percent from 18 percent yesterday. The majority of connections continued to be created for email, file transfer protocol, instant messaging and Telnet.

There were 144 ad hoc networks established on day two, an increase by nearly 50 percent. This is a likely but dangerous alternative to connecting with the established access points. Additionally, AirDefense identified eight separate devices that created an ad hoc network with the SSID "Free-Aruba," the planned free Internet access for the show floor. Because ad hoc networks have little security in terms of authentication and encryption, these devices trapped other devices connecting to the network and launched vulnerability scanner attacks against the clients.

"The increase in malicious activity was likely due to more free time by the attendees and the frustration of attendees not being able to get out to the Internet," said Rushing. "We were also concerned when we found Denial of Service attacks that were launched against devices using 'special characters' in the SSID which would cause wireless devices that were listening to the airwaves to fail, including APs and PCs."

Also of concern six devices were actively roaming the exhibit hall floor in ad hoc mode. These stations were continuously broadcasting their SSIDs enabling any other user to tap into the ad hoc network.

MAC Spoofing was up nearly 20 percent from day one, likely due the vulnerability introduced by the wireless network not functioning at full capacity. The unbalanced network promoted transient stations to probe for an available access point. When access points were overloaded or users were unable to find the "real" network, stations would accidentally connect with a "SoftAP" or ad hoc network with the same SSID. The number of Soft APs was also up 40 percent. Users activating software such as PCTel, a Windows based product that enables a PC to become an AP, likely explain the increase.

Additional AirDefense research discovered the following wireless LAN and Bluetooth risks and threats on day two:

"Although the traffic and bandwidth distribution is likely better in a corporate environment, the issues that AirDefense identified during the show can happen in an organization," said Anil Khatod, chief executive officer of AirDefense. "Without visibility into an organization's air space organizations will not know the threats and vulnerabilities of the network until it is too late."

About AirDefense, Inc.
AirDefense is the thought leader and innovator of wireless LAN security and operational support solutions. Founded in 2001, AirDefense pioneered the concept of 24x7 monitoring of the airwaves and now provides the most advanced solutions for rogue WLAN detection, policy enforcement, intrusion protection and monitoring the health of wireless LANs. As a key element of wireless LAN security, AirDefense complements wireless VPNs, encryption and authentication. Based on a secure appliance and remote sensors, AirDefense solutions scale to support single offices, corporate campuses or hundreds of locations. Blue chip companies and government agencies rely upon AirDefense solutions to secure and manage wireless LANs around the globe. For more information, go to www.airdefense.net or call 770.663.8115.

Media Contacts:
Heidi Litner
AirDefense, Inc.
770.663.8115 x 110
hlitner@airdefense.net

AirDefense is a registered trademark of AirDefense, Inc. All other trademarks are property of their respective owners.