AirDefense: N+I = No Wireless Security
May 08, 2003
Security solutions were center state at last week's Networld+Interop show, but one WLAN security provider says behind the scenes there was a morass of attacks and wide-open networks that vendors should find embarrassing.
Although wireless security was center stage during last week's Networld+Interop trade show in Las Vegas, behind the scenes was a convention floor full of misconfigured hardware resulting in malicious attacks on computers and undoubtedly many red faces.
While N+I is the premiere get-together for networking professionals, when it came to securing the countless wireless networks, participants "were not talking the talk or walking the walk," according to Fred Tanzella, chief security officer for AirDefense, a maker of wireless security products.
In a two-hour monitoring sweep of the 100,000-square foot convention floor, AirDefense detected hundreds of instances of mis-configured devices with results ranging from re-broadcasting information in 'the clear' to faking identities for the purpose of corporate snooping.
The results of the passive monitoring were surprising, since you would think networking professionals "are more savvy than regular folks," Tanzella said.
"With all the attention given to the security concerns of wireless LANs, you would think vendors would take extra precaution to secure their wireless LANs at the conference," said Jay Chaudhry, chairman and CEO of AirDefense.
While N+I was the coming-out party for Wi-Fi Protected Access (WPA), the stop-gap security measure meant to replace Wired Equivalent Privacy (WEP), the security firm found forty percent of the 230 access points monitored failed to encrypt wireless traffic using WPA, 802.1x, or even the now-discredited WEP.
Along with insecurity of vendor's own gear, the passive monitoring revealed many "attacks and suspicious events," including 224 wireless devices employing the freely-available Netstumbler and MiniStumbler software to scan the networks.
More ominous were ten identity thefts allowing people to impersonate Media Access Control (MAC) addresses and 16 Denial-of-Service attacks, both allowing attackers to "dig into intellectual property" on the laptops of convention attendees, Tanzella said.Tanzella said the attacks were intentional and indicated convention members "were not satisfied with what they are sharing with the public."
The AirDefense security official said at most conventions, vendors don't bring along their main networking gurus. "They are at home guarding the company network," said Tanzella.
Still, after the months-long drumbeat pointing out how misconfigured networks can pose security threats, simple errors were found to create potential headaches.
There were 30 instances of wireless devices with peer-to-peer networking enabled -- great for sharing that PowerPoint slide or a company printer, but allowing such automatic connections gives hackers the "run of your machine and access to your documentation," said Tanzella.
More than 70 WLAN devices searched for previously connected to networks, allowing open corporate networks to be uncovered.
Many of the access points monitored were connected directly into hubs, causing the AP "to openly broadcast all wired traffic into the airwaves," according to AirDefense.
Nearly 100 access points were overwhelmed by network interference.
Tanzella said AirDefense did not notify vendors attending the N+I conference of the results and would not identify the offending network owners. Previously the company conducted a similar wireless security 'audit' of four major U.S. airports and discovered problems. The company said it 'got its hands slapped' after naming the individual airports.
Despite the amount of technology and the layers of protection, "the issue always comes down to the human factor," Tanzella said.
The security monitoring was part of a two-hour demonstration at the show of the company's AirDefense Guard security system.
Does all this mean you can't begin to secure your network? Of course not. Join us at the 802.11 Planet Conference & Expo, June 25 - 27, 2003 at the World Trade Center Boston in Boston, MA. There are many different stages and levels of true WLAN security. We'll look at them on the panel called How Secure Is Secure Enough?