Editor's Note: Welcome to NetworkWorld.com's first Wireless Security column. Every other week, experts from Wireless Vulnerabilities and Exploits will answer questions on the tough wireless security issues. Have questions? Get them answered - write wireless-security@nww.com.

What are the most prevalent wireless security threats based on submissions to the WVE?

With the prevalence of mobile devices and the increasing use of wireless-aware applications, enterprises need to continually track the threats that they face and take steps to mitigate them. Interesting trends about the nature of wireless threats are emerging, and the WVE database has revealed product defects, user and client behavior, and advancement in attacks and tools as the most prevalent types of submissions thus far.

Vulnerabilities exist in all complex networking systems, especially in emerging solutions that support wireless communications. This is particularly true for wireless networking infrastructure and client equipment such as access points (APs), WLAN controllers, and VoIP phones. The database contains a number of product defect entries, including a number on APs suffering from authentication management and denial of service (DoS) vulnerabilities.

Other entries concern many phones that have shipped with remote debugging features enabled, leaving them open to a myriad of different attacks. The number of these attacks will likely increase with the wider deployment of voice over WLAN (VoWLAN) equipment.

Numerous submissions deal with user and client behavior. The increased use of wireless-enabled devices by business travelers, the growing amount of confidential data residing on wireless-enabled laptops, and the ease with which users can engage in risky behavior are all cause for concern.

Because users typically value connectivity over security, they may use ad-hoc networks. Client software is also partially responsible for problems; a recent advisory note from the WVE Editorial Board noted that in some configurations a client will connect to an ad-hoc network with the same service set identifier (SSID) as one of its preferred networks.

In addition, another recently published entry on the site described a vulnerability that can enable an attacker to spoof Wired Equivalent Privacy (WEP)-encrypted networks that a client has been configured to connect to. This combination of behavior and client vulnerability is leading the hacking community to focus on attacking endpoints rather than on finding more efficient ways to attack 802.11 itself.