WLANs Exposed by Hack

A wireless LAN hardware company is set to publicize a RADIUS server security hack that can thwart the recently ratified 802.11i protocol and any WLAN infrastructure that keeps encryption keys housed in access points rather than on a central switch.

Aruba Wireless Networks Inc. will bring its findings to the Internet Engineering Task Force meeting in San Diego next week, said Aruba officials.

Aruba stands to benefit from the vulnerability report because it develops wireless hardware that keeps encryption centralized on the switch rather than on access points, but officials said the vulnerability is critical for IT managers who think the new protocol will keep their WLANs secure all by itself.

"We've collaborated with Microsoft [Corp.] and a bunch of other players to expose some vulnerabilities to wireless," said Merv Andrade, chief technology officer of Aruba, in San Jose, Calif. "802.11i is only one cog in the security wheel. If you're not watching your back, you might be lulled into a false sense of security." Microsoft officials did not respond to requests for comment.

Monday, 26 July 2004 18:12 EST

Read Full Story

News

Securing Secondary Storage for SOX
Feb 10, 2006, 17:30 EST

Sarbanes-Oxley Disclosures Matter To Investors
Feb 10, 2006, 10:33 EST

Malware Evolution 2005
Feb 10, 2006, 09:58 EST

Interpeak Protection Profile
Feb 10, 2006, 09:52 EST

Oracle defends security record
Feb 10, 2006, 09:40 EST

Companies Hiring Hackers to Break into Their Computers
Feb 10, 2006, 09:38 EST

Agnitum Outpost Firewall Pro 3.5
Feb 10, 2006, 09:30 EST

Sponsors:
Scan all company email for viruses, Trojans and worms with 4 virus engines, all in one package - GFI MailSecurity for Exchange/SMTP! Download your free 60-day trial today!	Check your website security with Acunetix Web Vulnerability Scanner. Audit your web applications for SQL injection, cross site scripting & more. Download trial!


Copyright ? IT-Observer.com 2000 - 2006	Privacy Policy \| RSS Feeds