wireless security

Wireless Security Myths I: SSID Broadcasting

Paul McFedries — Thu, 09 Oct 2008 14:01:40 -0400

Windows Vista sees your wireless network because the access point (AP) broadcasts the network's service set identifier (SSID). However, when you connect to a wireless network, Vista offers a Save Network check box. If you leave that check box activated, Vista remembers the wireless network, and will connect to it automatically the next time it comes within range. Therefore, after all of your computers have accessed the wireless network at least once, you no longer need to broadcast the network's SSID.

Read more

pictures

Fri, 03 Oct 2008 02:43:01 -0400

Well, my iPhone doesn't download pictures automatically. I have to tap them in order to begin the download.

Securing smartphone data

Tue, 26 Aug 2008 17:43:45 -0400

Our company, Media Sourcery, has recently tackled this problem by implementing a solution for a large health care hospice company, implementing our secure mobile forms solution on smartphones. With it, our customer has protection for their mobile data (which, in their case, includes confidential patient health information) including digital signatures, GPS and timestamps for audit/tracking, and encryption along the way.The solution is simple to use, easy to audit, and integrates with their back-end data warehouse and business system.

WEP Stinks, So Why Are You Using It?

Jennifer Jabbusch — Fri, 22 Aug 2008 16:46:02 -0400

We all know it… we all talk about… we all say how ‘bad’ it is. Yes, we know WEP SUCKS - so why are you still using it? Yes- I’m talking to YOU! Day after day, we walk into customer sites- almost all of which are under some (or several) compliance mandates- and day after day, I still see WEP being used in production networks. So, why are they still using WEP? Usually just because they haven’t changed. It worked, it was comfortable and it was ‘okay’ when they implemented it. But, things have changed. Today any 15 year-old with a free utility and a configured wireless card can crack your WEP… in a few minutes. It’s time to update! In case you’ve been hesitant, let’s go over a few reasons why WEP is so bad.

Read more

A Brief History of Wireless Security

Jennifer Jabbusch — Fri, 22 Aug 2008 16:44:05 -0400

A Brief History of Wireless Security: Open, WEP, WPA, WPA2 & 802.1X I shouldn’t be surprised when customers don’t understand our current wireless security options. It’s not their job really; it’s our job to educate them and make educated recommendations, right? Yes. So, here’s a little bit of education- a brief history of wireless security- from open systems to WPA, WPA2 and 802.1X. Portions of this have been skimmed from my 802.1X Training, Wireless Security Module. I’m hoping to answer the most common questions burning in every IT professionals mind… How did we get here and why are previous solutions now considered insecure? We’ll start from the beginning, and if all goes well, we’ll finish up at the end… FULL ENTRY

Read more

Wireless Password

Sun, 10 Aug 2008 14:24:16 -0400

Why people don't put in a password is beyond me, but something in the user interface required to set up wireless routers ought to encourage passwords by one means or another.

Wireless Security does not come with your infrastructure

dellalowe — Thu, 07 Aug 2008 19:26:48 -0400

As wireless becomes a business utility, the question is no longer how do I keep wireless out but rather how do I garner the benefits and efficiencies of wireless while protecting my network. Unfortunately too many organizations have neglected the security aspect of the WLAN installation or been convinced by their infrastructure providers that what is built into their products is enough. The magnitude of this breach demonstrates in no uncertain terms that infrastructure security is not enough and if these retailers were using some other form of wireless monitoring and security, it is not enough. A robust, overlay wireless intrusion prevention system (WIPS) would have prevented these breaches or shut them down way before they had done this much damage.

Read more

Now we know TJX wasn't the only screw-up...

John Cox — Wed, 06 Aug 2008 13:19:21 -0400

Yesterday's U.S. Department of Justice indictment ought to come as a relief to the TJX, the Massachusetts-based retailer who's been the corporate whipping boy for slack wireless security for nearly three years. That's because it's now evident that TJX isn't the only security screwup in retail.

Read more

How does Motorola's purchase of AirDefense affect Cisco's WLAN?

Cisco Subnet — Fri, 01 Aug 2008 15:45:03 -0400

Would Motorola's plan to purchase wireless security vendor AirDefense make a dent in Cisco's WLAN business? Motorola is hoping the move would strengthen its position against the networking giant, according to an article in SearchSecurity.com. The addition of AirDefense would help bump up Motorola's profile in the WLAN security business as AirDefense is generally acknowledged by industry analysts as the leader in the WLAN IDS/IPS market, suggests the article.

Read more

Wireless broadband

Fri, 11 Jul 2008 09:38:16 -0400

The article about Verizon is interesting, but it is technologies that they didn't mention such as wireless (cellular) broadband that poses a larger problem for security. Having an internal laptop with a cellular connection, I can't monitor the outbound side nor be able to detect it. Vendors would be the biggest issue for my exposure when they have access to critical information. I enjoy your articles. lrhode@mprtech.com

iPhone Bluetooth

Thu, 10 Jul 2008 18:30:35 -0400

Just to clarify - the iphone had bluetooth, which is used for handsfree communication. It just doesn't have the A2DP profile whch allows you to listen to music in stero. But you can still hook it up to a bluetooth headset or car kit.

Widespread attack possible

Sat, 21 Jun 2008 13:40:10 -0400

I regularly test Bluetooth exploits with my class 1 USB dongle at over 80m. It cost me about $60 from a website in the UK.

Eye-Fi card in the news catching thieves in tha act..

Sat, 07 Jun 2008 16:12:03 -0400

Found on Reuters. reuters.com/article/oddlyEnoughNews...oddlyEnoughNews

finally privacy works

Tue, 27 May 2008 03:11:57 -0400

Whether due to technical reason but finally PRIVACY works even a little bit not byte. Zeeshan Ali Shah infoshield.info

Cracking Wi-Fi security with PlayStation 3s

Alpha Doggs — Tue, 20 May 2008 11:25:09 -0400

From Network World's Brad Reed, who this week takes a look inside the new wireless security lab at Lockheed Martin:

Jason Crawford has learned that if you want to break into secure Wi-Fi networks, you don't need to buy equipment from the black market. Instead, you can buy it from Toys "R" Us, he says.

Read more

Hardware (TPM) will secure it!

Tue, 20 May 2008 09:04:08 -0400

Presentation Whitepaper

I did it Saturday morning

Thu, 17 Apr 2008 11:13:12 -0400

While sitting in the parking lot, waiting for the barbershop to open, I picked up an unsecured wireless connection and browsed the news sites for 20 minutes. I doubt anyone noticed. BTW, of the 12 or so WiFi nodes I picked up, most (8) were Verizon FIOS, locked by default, identifiable by their five character uppercase SSIDs.

It was there . . .

Wed, 02 Apr 2008 05:09:33 -0400

... but it isn't now. Good job he knew some "high-ups" then! lol!

Online Chat Transcript

jimandneil_simplified — Wed, 26 Mar 2008 22:28:22 -0400

Thanks alot to all the Network Wolrd readers who participated yesterday in our online chat. Don't forget to check out the transcript of the online chat.

TKIP vs WPA2

Wed, 26 Mar 2008 10:14:10 -0400

For the record, WPA2 AES is stronger than TKIP. "Added security" basically just means swapping the WEP key frequently...