http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9004920 By Bert Latamore November 09, 2006 Computerworld You hear a lot about wireless security threats, but do you know how many there really are? Or what kinds of vulnerabilities exist? Or what exactly "wireless phishing" means? The Wireless Vulnerabilities and Exploits group has been cataloging security vulnerabilities on wireless networks, primarily Bluetooth and the various flavors of 802.11, for nearly a year. Started by Network Chemistry, it now has 134 wireless vulnerabilities documented on its Web site. "We started this because while a lot of attention is devoted to vulnerabilities in operating systems and software, much less is focused on the network layer and very little on wireless networks," says Network Chemistry Chief Technology Officer Chris Waters. Network Chemistry invited recognized experts from across the wireless industry to serve on its editorial board. They review and classify reports of vulnerabilities and exploitation attempts sent by a variety of sources. "Anybody can send in reports," says Joshua Wright, senior security researcher at Aruba Networks and a founding member of the editorial board. Aruba recently signed up as a sponsor of the WVE. "We are very sensitive to disclosure practices, so we don't make information available to the attack community before the vendors who mitigate these problems know it," Wright says. Tracking standards Keeping the vendors and the public informed about security threats is one of the main purposes of the group, and the complete catalog of threats and exploits is published on the Web site. "Anybody can use it as long as they attribute it to the organization," Waters says. It also tracks emerging standards, often a confusing area in the wireless space. He estimates that the site now has about 80% of the total vulnerabilities catalogued. "We started with the more recent issues and now are going back to earlier problems," he says. This is a useful reference for IT security and network personnel, both for potential vulnerabilities in the enterprise wireless network and of dangers their end-users face when outside enterprise walls. It covers both the vulnerabilities themselves and the methods and tools that are being used to attack them. The other purpose behind the group is to build a common vocabulary of terms and reference numbers for vulnerabilities to facilitate communications both between humans and machines. "Often different people use different terms for the same exploit or the same term for different vulnerabilities," says Wright. "I see this especially in my classes at the SANS Institute, where I teach. One day for instance someone mentioned a 'wireless phishing attack.' To this day I don't know what wireless phishing is. We give the community a common vocabulary with published definitions. When we see that referenced in other venues, we know we are talking about the same thing." This becomes the basis for discussions about wireless security issues. Human communications is one of the issues. The other is machine and software communications. "If an intrusion detection system, for instance, detects an exploit and can identify it with a WVE number, then it can communicate that to other security devices and databases," says Waters. "Systems from different vendors can communicate, research and react to the exploit in a more coordinated manner." Valuable info "This is also a valuable resource for network professionals to use to keep current with what is going on out there," Wright says. "The database has so much information that isn't available anywhere else." Aruba Networks recently joined the list of WVE sponsors to show that it sees unique value in the effort. "We believe in participating in an effort that helps the entire industry," Wright says. As the WVE approaches its first anniversary, Waters says, it continues to work to expand the database. And as new wireless technologies such as WiMax emerge it will consider whether to include them. And "wireless phishing" is identified in the WVE database as AP spoofing, in which the perpetrator creates a false AP that appears to the user to be legitimate but which connects him to the perpetrator's computer rather than to the real wireless network. This technique has been used to steal network access codes and passwords. -=- Bert Latamore is a journalist with 10 years' experience in daily newspapers and 25 in the computer industry. He has written for several computer industry and consumer publications. He lives in Linden, Va., with his wife, two parrots and a cat. _________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Thu Nov 09 2006 - 23:27:05 PST