http://www.darkreading.com/vulnerability_management/security/encryption/showArticle.jhtml?articleID=223101624 By Tim Wilson DarkReading March 05, 2010 SAN FRANCISCO -- RSA Conference 2010 -- You'd think the behavior of wireless users at one of the industry's biggest security conferences would be -- well, secure. Not so, says a quick study from wireless security company Motorola AirDefense. In a study during the first two days of the show, AirDefense identified 293 wireless access points -- but an alarming 315 ad-hoc networks were also discovered. Ad-hoc networking is a mode of operation that allows two stations to communicate directly with each other, without the use of an access point. This could allow an attacker to impersonate a common service set identifier (SSID) and potentially gain connectivity to the wireless station, AirDefense observes. Some 116 wireless clients were found to be associated to these ad-hoc networks, many offering security-risky SSIDs, such as "Free Public WiFi," "Free Internet Access," "Hotel WiFi," and "lounge." While there was more encryption at this year's conference than last year, the majority of the networks using encryption were found to be using technologies known to be vulnerable to attack. Sixty-two percent were using WEP -- which was cracked years ago -- or TKIP, for which researchers have rolled out several proofs of concept research during the past two years. The recommended encryption is AES/CCMP. [...] ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Sun Mar 07 2010 - 22:41:37 PST
This archive was generated by hypermail 2.2.0 : Sun Mar 07 2010 - 22:45:12 PST