RSA Attendees Responsible for Wireless VulnerabilityAir Defense Inc., the firm providing wireless security examined the wireless LAN traffic at the RSA Conference from its show floor. The conference at San Francisco is a leading information security conference in the world. The company released its results after monitoring the wireless airwave at the Conference. It indicated that of 623 wireless devices at the RSA Conference, nearly 56% were vulnerable to attacks. But according to the company, the responsibility of this potential risk lies with the users, not the organizer of the conference. There were seven bogus networks, as per the study. Two of them masqueraded as the authorized network of the conference and one carried a forged security certificate. The certificate implies a server-side certificate that provides 802.1X authentication. On the second day of the conference, the study found 847 networks, 481 of which exposed themselves to evil twins. "Evil Twins" are phishing scams in wireless form where an attacker pretending to be an authentic hotspot applies the technique to entice victims to connect to a laptop or PDA. On the same day, AirDefense found DoS (denial of service) attacks to shoot up. There were about 85 such attacks. They involved CTS (clear to send), which compels other stations to withhold transmissions; de-authenticate, which compels clients to reconnect causing jamming of traffic. Out of 2,017 wireless devices, 1,137 were susceptible to compromise during the three-day period. On Tuesday 347 devices and on Wednesday 481 devices were found to be vulnerable, but this was not due to the conference organizers, said Richard Rushing, CSO of AirDefense in a company press release. He assured that the conference network was more secure than many of the standard corporate networks. Rushing explained the wireless became vulnerable when conference attendees connected to wireless networks through insecure hotels and hotspots. As it is, today's hackers act patiently and don't attack the device but wait for their victims to come to them. So, even a strong network fails. With the massive number of insecure laptops and wireless devices at the conference, Rushing points at the irony of how the security conference did not take the security issue seriously. Related article: RSA: New Phishing Kit Can Create Phishing Websites in Seconds » SPAMfighter News - 20-02-2007
Share and tell your friends!
| All SPAMfighter products offer a free trial!
SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.
Optimize your Slow PC for better performance. Try FREE scan now
SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.
Remove Spyware with SPYWAREfighter - Free 30 days trial
Antivirus software for your Windows PC - Free 30 days trial | ||||||||||||||||||||||||||||
| <<< | >>> | ||||||||||||||||||||||||||||
SPAMfighter is
