BLOG
 
Blog: WiFi Experts

Is Your Wireless Network Protected? AirMagnet Enterprise Releases New Wireless Threat Signatures
Author/Blog Contributor - Jesse Frankel, Product Manager, Fluke Networks
Date: November 08, 2011

With Halloween behind us, wireless engineers are back dealing with the scary realities of today’s wireless threats and vulnerabilities. But, if you’re a Fluke Networks’ customer running the AirMagnet Enterprise 9.0 Wireless Intrusion and Prevention System (WIPS), never fear because you’re more prepared than ever to defend your WLAN thanks to the release of new threat signatures.

New threat signature updates have been released via the Dynamic Threat Update (DTU) feature, which enables the automatic loading of new alarm signatures, without involving local IT staff.  The new update contains protection against critical new wireless threats, including Airdrop, Karmetasploit and DHCP Starvation Attacks:

  • AirDrop – Apple’s Mac OS X Lion includes the new AirDrop feature that allows multiple users to share files over a peer-to-peer Wi-Fi connection, which can be a violation of company security policies.  Risks that could result, include protected data being easily transferred to unknown machines outside of the enterprise network, and potentially leaving the network vulnerable to other active attacks.
  • Karmetasploit – This is an aggressive man in the middle (MitM) style attack that tricks a client into associating with a device masquerading as an access point running KARMA. This allows a hacker to do any number of the following: gain access to the client machine, capture passwords, harvest data and conduct a wide variety of application exploits.
  • DHCP Starvation Attack – A DHCP starvation attack run from a wireless client can cause other clients to connect to a malicious network.  Wireless guest networks and unencrypted commercial hotspots are especially vulnerable to this attack, which can lead to lost productivity or revenue.

Fluke Networks regularly releases new signature updates. More detail on each of the above threats/vulnerabilities is available in the community.

Previous DTU signature releases include:

  • Ad-hoc Station Broadcasting Free Public Wi-Fi SSID ­– This vulnerability allows hackers to lure unsuspecting wireless users through an ad-hoc network leveraging an old Microsoft bug in the XP OS (a fix was issued in Service Pack 3).
  • Airpwn – Airpwn is a framework for 802.11 packet injection.  It listens to incoming wireless packets, and if the data matches a pattern specified in the config files, custom content is injected (spoofed) from the wireless access point.  Airpwn only works on open wireless networks and WEP encrypted networks when the attacker knows the WEP key.
  • Device Broadcasting XSS SSID – Cross-site scripting vulnerabilities are well known and publicized attacks that target Web applications to gain access to the underlying server or the Web application itself.  It does this by injecting a client-side script into web pages viewed by the user.

 

 
Comments:
 
games online Nov. 7, 2013 6:52 PM

Cross-site scripting vulnerabilities are well known and publicized attacks that target Web applications to gain access to the underlying server or the Web application itself. It does this by injecting a client-side script into web pages viewed by the user.
paul Dec. 6, 2013 3:00 AM

Glad that I have found your people. Version 9.0 is able to dynamically update the WLAN Intrusion Prevention System against threats. The alarm code has now become much easier and user friendly. I have bookmarked your page for further reference.
visit the site
visit the site Dec. 6, 2013 3:01 AM

Glad that I have found your people. Version 9.0 is able to dynamically update the WLAN Intrusion Prevention System against threats. The alarm code has now become much easier and user friendly. I have bookmarked your page for further reference.
is bubblegum casting legitimate Apr. 3, 2014 3:02 AM

Well g such vital information regarding the AirMagnet Enterprise is the main highlight of this blog. I am very much excited to increase my knowledge associated with this and words
url opener May. 12, 2014 10:25 AM

OPEN MULTIPLE URL'S WITH JUST ONE CLICK
NOW YOU DO NOT HAVE TO WORRIED ABOUT OPENING VARIOUS URL'S WITH THE SINGLE CLICK OF YOUR MOUSE BUTTON. THE FAST URL OPENER CAN HELP YOU ACHIEVE THIS GOAL AND SAVE YOU SOMETIME AND BOTHERATION OF CLICKING THE MOUSE KEYS AGAIN AND AGAIN.
ENJOY THE WONDERS OF FAST URL OPENER AND SAVE TIME
About us Jun. 25, 2014 12:59 AM

I learned a ton about studio lighting gear and am excited about another upcoming shoot that I will be assisting him on at at boxing studio http://deepcool-au.com/
victoria one melbourne Jul. 10, 2014 5:06 AM

Fluke Networks regularly releases new signature updates. More detail on each of the above threats/vulnerabilities is available in the community.
online teaching degrees Sep. 10, 2014 3:19 AM

Risks that could result, include protected data being easily transferred to unknown machines outside of the enterprise network, and potentially leaving the network vulnerable to other active attacks.
http://www.myheritage.com/search-records?lang=HE&action=person&siteId=163794402&indId=1000005&origin=profile Sep. 11, 2014 9:25 AM

Fluke Networks regularly releases new signature updates. More detail on each of the above threats/vulnerabilities is available in the community.
Popular iPhone 6 Screen Protector Oct. 2, 2014 6:36 AM

This allows a hacker to do any number of the following: gain access to the client machine, capture passwords, harvest data and conduct a wide variety of application exploits.
Fiverr Blog Oct. 10, 2014 8:06 AM

Fluke Networks regularly releases new signature updates. More detail on each of the above threats/vulnerabilities is available in the communit
http://www.topinstagramfollowers.com/ Oct. 19, 2014 7:09 AM

Fluke Networks regularly releases new signature updates. More detail on each of the above threats/vulnerabilities is available in the community.

Post a Comment:

Name:
*
 
Email:
*
Note: Your email will not be displayed.
 
Comments:
 *
 
Verification:
Enter in the characters from the image below:
 *
 
 
Blog Contributor

Jesse Frankel has extensive experience in delivering critical wireless security solutions for enterprise, clinical and government networks. During his 6+ years at AirMagnet he served as Director, System Engineering and as a member of AirMagnet's Wireless Intrusion Research Team.

Blog Archive
 
Other Social Media Sites We Recommend:
Home  |  Security Center  |  All Things Wi-Fi  |  Blog  |  Library  |  AirMagnet.com  |  FlukeNetworks.com
© 2006-2012 Fluke Corporation. All rights reserved.