Atlanta - August 3, 2004 - AirDefense, the leader in 24x7 wireless LAN security and monitoring discovered wireless LAN attacks are evolving from simple sniffing to complicated data injection and network manipulation while monitoring the airwaves at DefCon 12, the annual underground hacking convention, last week.

"The types of attacks we are seeing are increasingly more sophisticated than those of years past," said Richard Rushing, chief security officer of AirDefense. "Where as last year we noted basic denial of service and MAC spoofing attacks, this year hackers have moved on to what we refer to as level three attacks, where hackers are actually injecting traffic into the network and manipulating data."

AirDefense identified an injection attack where attendees surfing the Web would receive manipulated images and form data that they had not requested. Previously this attack was most often used on the wired side. However hackers, taking advantage of the open, unencrypted traffic, have learned to adapt the technology to function in the wireless environment.

AirDefense also discovered a new Developer's Kit Denial of Service (DoS) attack. This type of attack involves modifying firmware on a network card to allow the cards to send data without having to wait for a signal from the access point. This type of attack, equivalent to a chattering network card, can knock people off the network, prevent other users from sending data, or even allow an individual to take control of the network.

"This is an example of how theoretical attacks are becoming practical. The only way to identify this type of attack is to use a monitoring system with multiple analysis engines to detect anomalous behaviors. These types of attacks are why we are continuing to add theoretical alarms based on correlation across signature, behavior and policy engines to AirDefense. As more instances of attackers using developer's kits occur we want to ensure our customers are equipped to defend their network," said Anil Khatod, president and CEO of AirDefense.

DefCon remains the defacto conference to view leading edge tools and techniques. This year DefCon boasted the "Wall of Shame," a large screen that was displaying passwords, and identifying attendees that used "clear-text" services over the wireless network, including email, or Telnet, or Instant Messenger. Originally the producers of the wall were using "Ethereal" to capture the traffic and then parceling the data for user names and passwords. By the second day of the conference the producers of the wall, having become more adept, began using "Cain and Abel," a more sophisticated tool that automatically captures passwords.

About AirDefense, Inc.
AirDefense is the thought leader and innovator of wireless LAN security and operational support solutions. Founded in 2001, AirDefense pioneered the concept of 24x7 monitoring of the airwaves and now provides the most advanced solutions for rogue WLAN detection, policy enforcement, intrusion protection and monitoring the health of wireless LANs. As a key element of wireless LAN security, AirDefense complements wireless VPNs, encryption and authentication. Based on a secure appliance and remote sensors, AirDefense solutions scale to support single offices, corporate campuses or hundreds of locations. Blue chip companies and government agencies rely upon AirDefense solutions to secure and manage wireless LANs around the globe. For more information, go to www.airdefense.net or call 770.663.8115.

Media Contacts:
Heidi Litner
AirDefense, Inc.
770.663.8115 x 110
hlitner@airdefense.net

AirDefense is a registered trademark of AirDefense, Inc. All other trademarks are property of their respective owners.