[ISN] Internet Security Systems Moves to Parry Drive-by Hackers

From: InfoSec News (isnat_private)
Date: Wed Apr 25 2001 - 13:21:53 PDT

  • Next message: InfoSec News: "[ISN] Microsoft security fixes infected with FunLove virus"

    By Clint Boulton
    April 25, 2001
    Atlanta-based Internet Security Systems Inc. (ISS) has long had this
    concern about drive by hackers. That's right -- drive-by hackers.
    ISS claims perpetrators can equip their laptops with wireless
    technology, sit inconspicuously on a park bench, or in a car, and
    casually monitor traffic, access applications, and hijack data flowing
    over someone else's wireless network, unbeknownst to the victim. To
    combat this threat, which sounds like it could be a plot line from an
    upcoming James Bond film, ISS Wednesday drew the curtain on wireless
    local area network (WLAN) security software an consulting practices.
    Why create safety for the WLAN? ISS said it believes enterprises are
    deploring WLANs with increasing regularity because they are
    cost-effective and help workers grab knowledge on the go from laptops
    or personal digital assistants (PDAs). And very little exists in the
    way of security for wireless networks as compared to their wired
    counterparts, LANs?
    Gartner Group, it would seem, concurs that wireless networks are in
    the midst of proliferation. The research firm said 50 percent of all
    enterprises in the U.S. will have deployed a wireless LAN by 2002, an
    increase from 21 percent at the end of last year (2000). Accordingly,
    ISS said the fact that wireless LANs can easily be accessed by
    outsiders -- friendly or not -- means they need strong protection.
    And just as perpetrators like hackers and crackers have done to wired
    networks, they can assault WLANs through the same methods:
    unauthorized access points; data interception; denial-of-service (DoS)
    attacks; peer-to-peer sabotage; and wireless laptops to attacks when
    they roam to public access points, such as airports and hotels.
    What is more frightening, ISS claims, is that non-technical employees,
    while often victims of attacks, are often unaware of these threats.
    This ignorance can make the comfort of the firewall a false security
    "Most companies have no idea that their networks are wide open to
    wireless security risks," said Christopher Klaus, founder and chief
    technology officer for ISS. "Employees today are adding their own
    wireless access points to the backbone of their company's network
    without the knowledge of their IT and security staffs. With a lack of
    awareness by the company that an access point has been added and a
    lack of proper security configuration, these rogue access points can
    become an intruder's dream backdoor into a company's network despite
    the front door firewall."
    So, ISS has devised a host of software packages to prevent intruders
    via detection. It has also implemented consulting and managed security
    to accompany these products:
    * anX-Press Update for its Internet Scanner software -- enables
      customers to scan and identify rogue wireless access points on
      their networks. The X-Force team, ISS' security research arm, is
      developing additional security risk definitions for new wireless LAN
      (WLAN) risks and these will be available as X-Press Updates in the
      near future
    * Security Architecture Consulting -- Internet Security Systems'
      consulting solutions group has integrated its security knowledge and
      methodology into wireless-specific offerings, including evaluations,
      penetration testing, design and security policy development
    * SecureU Education Services -- Scheduled to debut during Networld +
      Interop in Las Vegas on May 7, ISS has added a wireless security
      seminar to its SecureU education programs
    * Managed Security Services -- As WLAN protection features are added
      to ISS security software products, ISS' Managed Security Services
      will also integrate these capabilities into its remote managed
      security services offerings, protecting customers
    ISN is hosted by SecurityFocus.com
    To unsubscribe email LISTSERVat_private with a message body of

    This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 00:43:04 PDT