A behind-the-scenes security war raged at a recent Wi-Fi trade show, a US company that provides wireless LAN security monitoring products has claimed.
Wireless monitoring gear vendor AirDefense said that most attendees and exhibitors at a Wi-Fi Planet Expo in the US this month didn't know they were the subjects of some 21 attacks. The company monitored the airwaves at the expo.
Fred Tanzella, chief security officer at AirDefense, said such attacks may have been about gathering competitive intelligence.
'You can go around to your competitors' booths to get competitive information, but this type of attack is more aggressive,' he said.
However, Tanzella acknowledged that he had no first-hand information about why the attacks were launched or who launched them.
AirDefense said it detected 21 attempted man-in-the-middle attacks in a single day at the show, 16 of which succeeded. Such attacks can steal user names and passwords from improperly protected Wi-Fi clients logging on to a VPN, he said.
'We saw the same thing at a spring show, but this time the attacks were much more successful ... That tells me that the tools are getting much more sophisticated,' Tanzella said.
The company also said it monitored 33 attacks against Extensible Authentication Protocol (EAP), 75 denial-of-service (DoS) attacks aimed at access points and 12 DoS-cloud attacks that target every user on a specific wireless channel.
Further, AirDefense reported 25 attacks that broadcast fake access point SSIDs. The fake SSIDs were for ad hoc wireless connections.
Windows XP users were particularly vulnerable to that type of attack because the fake network shows up as an available WLAN and some users try to log on, Tanzella said.
When that happens, they are simply sending clear-text information directly to the hacker, he said.
Tanzella stressed that he didn't blame the show organisers. The norm for public access to wireless LANs was to have no security, he noted, and there wasn't much public access providers could do.
'You can set up WEP with a key but everybody would know the key,' Tanzella said. 'What you'd expect is that corporate users would have VPNs.'
He said that VPNs, while vulnerable, were still safer than not using anything. Personal firewalls would also protect against false SSID attacks, he said.
AirDefense had also suggested that anybody who logged on at the show change their password.
Tanzella said such attacks were likely to increase. 'If you look on the internet, there are so many tools that were open source-developed for this sort of thing,' he said. 'You don't even have to be a hacker to use some of them.'
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
