New wireless-threat Web site

By John Cox, NetworkWorld.com, 12/05/05

A new public database has been formed to coordinate information on wireless vulnerabilities and exploits.

The Wireless Vulnerabilities and Exploits database catalogs security threats for any kind of wireless net, including 802.11, Bluetooth, VoIP over WLAN, RFID, and the various cellular networks.

Using a simple Web form, anyone can submit to the group's editorial board a suspected wireless exploit or vulnerability. A subset of the board makes a preliminary review and can accept the submission as a "candidate," posting it on the Website with a unique name. After a review by the full board, the submission becomes an official entry on the Website, classified by type such as denial of service, or cryptographic, with the name of the contributor and other details.

The idea grew out of the work by researches in Network Chemistry's R&D arm. The wireless intrusion detection vendor maintains the Website. The site sponsors are The CWNP Program, which is a wireless testing and certification program for IT professionals created by Planet3Wireless, and the Center for Advanced Defense Studies, a Washington, D.C. security think tank.

The editorial board includes, Mike Kershaw, author of Kismet, an open-source program for 802.11 network detection, sniffing and intrusion detection; and Network Chemistry's Andrew Lockhard, author of Snort-Wireless, which adds intrusion detection to the Snort program.

Back to Wireless Notes

Comments

Post a comment

Name:


E-mail address:


URL:


Comments:


Remember info?