> I'm interested in finding any URLs that discuss Wireless Security Audits > and/or war driving. I am especially interested in hardware and software > used. If you know of any, or have first hand knowledge, please reply. I > have searched (google and astalavista) and not come up with much. Well, here are the ones I found interesting.. Noone really talks about the equipment used, but you should be able to figure that out on your own.. ------------------------------------------------------------------------ -------------- Experts ponder securing the wireless world http://www.cnn.com/2001/TECH/industry/04/13/wireless.security.idg/index. html Good read on the problems surrounding wireless and why they're hard to solve. ------------------------------------------------------------------------ -------------- 802.11 and Swiss Cheese http://www.zdnetasia.com/biztech/security/story/0,2000010816,20196487,00 .htm Good article -- takes a look at the problems from an honest, realistic point of view. That's just dandy. We're effectively being told that unless we are a large enterprise with a dedicated IT staff and the necessary infrastructure to set up VPN servers and associated folderol we're not worthy of properly designed and implemented security. A flawed system is considered sufficient. ------------------------------------------------------------------------ -------------- Fortress Strengthens Wireless Equivalent Privacy http://www.ntsecurity.net/Articles/Index.cfm?ArticleID=20706 An introduction to wireless Link Layer Security (wLLS) which is based on their patented "Secure Packet Shield" technology. ------------------------------------------------------------------------ -------------- Looks like war driving is an interesting idea -- at least for journalists.. // Note: 1) "the important part of getting this to work is having the external antenna. It makes all the difference" says Shipley 2) @Stake added wireless auditing about two months ago.. 3) beware the pizza guy. :) http://www.securityfocus.com/templates/article.html?id=192 ------------------------------------------------------------------------ -------------- http://www.cs.umd.edu/~waa/wireless.pdf [PDF] Abstract The explosive growth in wireless networks over the last few years resembles the rapid growth of the Internet within the last decade. Dur- ing the beginning of the commercialization of the Internet, organiza- tions and individuals connected without concern for the security of their system or network. Over time, it became apparent that some form of security was required to prevent outsiders from exploiting the connected resources. To protect the internal resources, organizations usually purchased and installed an Internet firewall. We believe that the current wireless access points present a larger security problem than the early Internet connections. A large number of organizations, based on vendor literature, believe that the security provided by their deployed wireless access points is sufficient to pre-vent unauthorized access and use. Unfortunately, nothing could be further from the truth. While the current access points provide sev- eral security mechanisms, our work combined with the work of others show that ALL of these mechanisms are completely in-effective. As a result, organizations with deployed wireless networks are vulnerable to unauthorized use of, and access to, their internal infrastructure.
This archive was generated by hypermail 2b30 : Thu Apr 19 2001 - 21:38:21 PDT