Blog

• CWNP
• September 11, 2009
• 

Curriculum Director - WirelessTrainingSolutions.com

New Attacks on WPA - Move Calmly Toward the Exits

Rick Murphy

Now that cryptographic researchers Beck – Tews and Ohigashi – Morii have demonstrated practical attacks that allow intruders to jam their feet in the door of TKIP/Michael protected systems, it is clear that the final push towards a complete CCMP upgrade should be planned and executed by SOHO, SMB, and Enterprise users of WLANs within the near future. However, this is not so much a clarion call as it is a gentle reminder that WPA was only intended to be a band-aid for an insufficient confidentiality mechanism (WEP) and that the real solution was and still is, CCMP. If TKIP were a movie theater, then we have our first whiff of smoke. Its time to start calmly moving towards the exits.

• CWNP
• September 09, 2009
• 

Real Free WiFi

OK, I like Free WiFi.

NOT the kind that makes you pay per minute.
NOT the kind where you watch lots of adverts.
NOT the kind where all web pages go through something that puts an advert on every page.
NOT the kind where you have to put in some special code.
NOT the kind where they block ports so you can't get your e-mail, VPN, etc.
NOT the kind where they throttle the connection to a crawl.
NOT the kind where you can only be in lobby to get net access.

Just REAL Free WiFi!
Continue reading...

• CWNP
• September 03, 2009
• 

Push-Button Pen Testing

Push-Button Pen Testing: That's my phrase.  I came up with it yesterday.  It's a whole new class of automated hacking...uh, I mean penetration testing...products.  I got to see Silica-U from Immunity yesterday.  This thing is slick.  They finally ported it over from a Nokia N810 Internet tablet to a desktop Linux version (which I got to see running on my favorite Linux distribution - Ubuntu).  It worked just as described.  No longer do you have to remember WEP keys, WPA passphrases, LEAP usernames and passwords (in a future release).  Isn't that great?

• CWNP
• September 01, 2009
• 

Attacks on WiFi: Reflections on Recently Revealed Vulnerabilities

In the last couple of weeks, we've witnessed a flurry of activities in the wireless security space. Security researchers have revealed a couple of new attacks on WiFi infrastructure – Skyjacking and an improved attack on WPA-TKIP. This post provides a high level overview of both of these attacks.

• CWNP
• August 25, 2009
• 

No TKIP or No Certification

OK, so here's the thing.  The Wi-Fi Alliance's board approved, on March 26, 2009, additional testing to disallow the use of TKIP with HT MCS rates.  Tests were started the next day, and by Sept 1, 2009, all devices must comply.  Big whoop, right?  Well, not with the fact that 18 of 18 APs and 10 of 14 STAs have failed to date.  I wonder how the Wi-Fi Alliance is going to handle that?  Do they suddenly decertify equipment?  Do they extend the deadline?  Do they re-evaluate their decision to make this "feature" mandatory?

• CWNP
• August 21, 2009
• 

MediaFlex-o-matic

I'm talking about Ruckus's MediaFlex.  Everything is automagic.  No, seriously.  Plug it in, wait a few seconds, and poof: you have an automatically-selected 5 GHz (40 MHz) UNII channel moving HD IPTV.  Coverage?  Not a problem with Transmit Beamforming (TxBF) - Ruckus's trademark feature.  The AP was downstairs in the basement, and the two TVs were upstairs.  Without TxBF, there's no way this could've happened in 5 GHz.  Clarity?  As good as the RG59 cable that our AT&T U-verse receivers were using prior to testing the Ruckus MediaFlex 7000 series system...and yes, I unplugged the RG59 cables before testing! :-)

• CWNP
• August 19, 2009
• 

Rogue AP Prevention: Duping (802)Dot1X Access Control

“You can't solve social problems with software” – Marcus Ranum

We have covered two sources of WiFi threats in my previous blog posts – Rogue AP and Client mis-configurations. It has been encouraging to see quality comments from readers – some of them have pointed out why 802.1X is the “preferred” way to mitigate the Rogue AP problem. In this post, we will dig a little bit deeper into this. IEEE 802.1X port-based access control provides an authentication mechanism for devices wishing to communicate via a port (e.g., a LAN port). If the authentication fails, it disallows further communication via the port. 802.1X is a simple form of Network Access Control (NAC) solution – a generalized NAC can provide additional functionality such as fine-grained access control, identity management, access management, and quarantining non-compliant clients (e.g., ones without proper anti-virus protection).

I think that 802.1X is a good first step in securing your network from Rogue APs. It does provide some control on the relatively deterministic part of the problem – the wire. However, as I had hinted in my earlier post, I believe that 802.1X (or even a generalized NAC, for that matter) alone is not sufficient for mitigating Rogue APs. Here are my reasons:

• CWNP
• August 17, 2009
• 

Determinism

Call it what you will: Deterministic, Utility, or Automatic.  I don't really care what you call it if you can make Wi-Fi "just work."  Every vendor will tell you a different story to tell on how to build "Wi-Fi that works" based on their own networking philosophy and feature sets, and every network administrator has a different view of what "Wi-Fi that works" means.

• CWNP
• August 14, 2009
• 

SWEETNESS!

That's what I think about it.  It's just pure sweetness.  Fluke buys AirMagnet.  I'll be the first to admit that I never saw it coming...never.  I thought it would be Cisco.  In hind-sight, the Fluke acquisition makes perfect sense of course.  Fluke has reigned in the Ethernet diagnostic market for years, and a young newcomer had taken that spot within the Wi-Fi market.  Fluke has had Wi-Fi diagnostic gear for some time, and their people are extremely committed to their cause, but their product portfolio simply hasn't stacked up against the market leaders...until now.  Apparently they have, in one very bold step, moved to center stage of the diagnostics market en total.  Unreal.

• CWNP
• August 05, 2009
• 

King of Websites

Be who you are and say what you feel, because those who mind don’t matter and those who matter don’t mind. – Dr. Seuss

OK, let's talk about Wi-Fi manufacturer websites.  Let's be totally honest: most of them just suck.  Don't worry, I'm not going totally negative here.  There is one company who has figured out just how important the public-facing part of the company really is.  I'll put my flag in the dirt right here: RuckusWireless.com is the best website in the Wi-Fi industry.  Bluntly, it kicks everyone else's butt.  If I were grading, it would be an A+.  Clean, beautiful, personal, friendly, easy navigation, and I could go on.  It more-or-less lets you peer directly into the company - getting to know the people, the products, the direction, and more.  They have a blog site called TheRuckusRoom.net that's equally as good.  The list below isn't meant to insult anyone.  It's meant as constructive feedback, because I really hope every website below could be graded as an A within a year (including our own).