WLAN Insecurity Remains a Threat

Despite all of the attention being paid to wireless security, the message apparently hasn't gotten through to everyone, including many vendors.

Despite all of the attention being paid these days to security, and in particular wireless security, the message apparently hasnt gotten through to everyone, including many vendors.

AirDefense Inc., a wireless LAN security company, set up one of its sensors on the show floor at last weeks Networld+Interop show in Las Vegas, and in just two hours of monitoring found 230 wireless access points, including 92 that were transmitting their traffic in the clear without encryption. There were also 38 access points that were configured incorrectly, with either overlapping channels or conflicting authentication methods.

Not to mention the 15 access points that were plugged directly into network hubs which had the effect of broadcasting all of the networks wired traffic over the wireless LAN, as well. This is not encouraging news, especially given all of the effort that security experts have put in to raise awareness about the security problems inherent in WLANs.

"While security standards for wireless LANs have advanced for enterprises to safely deploy WLANs, improperly configured devices and access points remain a significant threat," said Jay Chaudhry, chairman and CEO of AirDefense, based in Atlanta. "With all the attention given to the security concerns of wireless LANs, you would think that vendors would take extra precaution to secure their wireless LANs at the conference."

But the vendors on the show floor were certainly not the only culprits. Thirty WLAN stations, i.e., laptops or PDAs with WLAN cards installed, were configured to allow ad-hoc networking. This configuration allows stations to act as access points and form peer-to-peer wireless networks. This is a dangerous practice for several reasons, most importantly that its difficult to control who connects to the network.

Not surprisingly, given all of the insecure WLAN equipment on the floor, AirDefense also detected a number of attacks and a large amount of surveillance activity. The malicious activity included 16 denial-of-service attacks, 10 identity thefts from spoofed MAC addresses from stations and 15 IP-based attacks.

Latest Security News:

Search for more stories by Dennis Fisher.
Find white papers on security.