Topics Mobile Tech News Friday, December 15

Headlines

Contact us


Site search:
complete archives list




Site Sponsors:


Don't forget AT&T and Verizon promo codes at Sidepon.com to save money.


Wireless LAN Attacks are Moving from Discovery Mode to Manipulation
Posted: 03-Aug-2004 [Source: AirDefense]

[AirDefense discovers W-LAN attacks becoming more sophisticated as hackers are now injecting traffic into the network and manipulating data.]

Atlanta -- AirDefense, the leader in 24x7 wireless LAN security and monitoring, discovered wireless LAN attacks are evolving from simple sniffing to complicated data injection and network manipulation while monitoring the airwaves at DefCon 12, the annual underground hacking convention held last week in Las Vegas.

"The types of attacks we are seeing are increasingly more sophisticated than those of years past," said Richard Rushing, chief security officer of AirDefense. "Whereas last year we noted basic denial of service and MAC spoofing attacks, this year hackers have moved on to what we refer to as level three attacks, where hackers are actually injecting traffic into the network and manipulating data."

AirDefense identified an injection attack where attendees surfing the Web would receive manipulated images and form data that they had not requested. Previously, this attack was most often used on the wired side; however, hackers taking advantage of the open, unencrypted traffic have learned to adapt the technology to function in the wireless environment.

AirDefense also discovered a new Developer's Kit Denial of Service (DoS) attack. This type of attack involves modifying firmware on a network card to allow the cards to send data without having to wait for a signal from the access point. This type of attack, equivalent to a chattering network card, can knock people off the network, prevent other users from sending data, or even allow an individual to take control of the network.

"This is an example of how theoretical attacks are becoming practical. The only way to identify this type of attack is to use a monitoring system with multiple analysis engines to detect anomalous behaviors. These types of attacks are why we are continuing to add theoretical alarms based on correlation across signature, behavior and policy engines to AirDefense. As more instances of attackers using developer's kits occur we want to ensure our customers are equipped to defend their network," said Anil Khatod, president and CEO of AirDefense.

DefCon remains the defacto conference to view leading edge tools and techniques. This year DefCon boasted the "Wall of Shame," a large screen that was displaying passwords and identifying attendees that used "clear-text" services over the wireless network, including email, Telnet and Instant Messenger. Originally, the producers of the wall were using "Ethereal" to capture the traffic and then parceling the data for user names and passwords. By the second day of the conference the producers of the wall, having become more adept, began using "Cain and Abel," a more sophisticated tool that automatically captures passwords.

More...

Back to Headlines...

Apple Watch Apple Watch

iPhone 6 and iPhone 6 Plus iPhone 6 and iPhone 6 Plus

Amazon Fire Amazon Fire

Samsung Z - Tizen Samsung Z - Tizen

LG G3 LG G3

HTC One mini 2 HTC One mini 2

OnePlus One OnePlus One

HTC One (M8) HTC One (M8)

Samsung Gear 2 Tizen Watch Samsung Gear 2 Tizen Watch

HP VoiceTab HP VoiceTab

T200 octa-core T200 octa-core

Nokia 2520 Tablet Nokia 2520 Tablet

Samsung Galaxy Round Samsung Galaxy Round

BlackBerry Z30 BlackBerry Z30

iPhone 5S and iPhone 5C iPhone 5S and iPhone 5C

Samsung Galaxy Mega Samsung Galaxy Mega

Sony SmartWatch 2 Sony SmartWatch 2

iOS 7 iOS 7

Jolla Jolla

BlackBerry Z10 BlackBerry Z10

Galaxy S 4 Galaxy S 4

Galaxy Note 8.0 Galaxy Note 8.0

Ubuntu on Tablets Ubuntu on Tablets

LG Optimus G Pro L-04E LG Optimus G Pro L-04E

Firefox OS Firefox OS

Sony Zperia Z Sony Zperia Z



 

Valid HTML 4.1!

RSS © 1999-2017 Traques LLC
All times recorded in UTC
webmaster@MobileTechNews.com