www.fusspils.net

AirTight Security Researcher Uncovers Wi-Fi Vulnerability in WPA2; 'Hole196' Demos Planned at Black Hat and DEFCON

Saturday, 24 July 2010 16:15 Fusspils

Encrypted Wi-Fi Vulnerable Despite AES Encryption and 802.1x Authentication

Mountain View, Calif. - July 22, 2010 -- AirTight Networks, the leading provider of wireless intrusion prevention systems and services (WIPS) announced today that senior wireless security researcher, Md Sohail Ahmad has uncovered. just how easy it is to hack into an encrypted wireless network without breaking the encryption key. A documented, yet little known, vulnerability of the Wi-Fi WPA2 security protocol, which AirTight has named 'Hole 196', exposes secured wireless networks to a key "loophole" that allows authorized users to bypass private key encryption and authentication. AirTight researcher, Md. Sohail Ahmad, will be demonstrating this vulnerability at the Black Hat Arsenal and at DEFCON18 in a presentation entitled "WPA Too?!" in Las Vegas on July 29th and July 31th respectively.

Additional information on Ahmad's presentation is available at http://www.airtightnetworks.com/WPA2-Hole196 and AirTight will present a public Webinar after the conferences on August 4 to detail its findings. Those wishing to register for the Webinar, may do so on that page.

While AirTight's findings indicate that this vulnerability is only exploitable by an authorized user of the wireless network, insider threats continue to be the biggest challenge to IT and source of loss to the business. In the January 2010 Cybersecurity Watch Survey by CERT, CSO and Deloitte noted, "51% of respondents who experienced a cyber security event were still victims of an insider attack," even though most of the top 15 security policies were aimed at preventing insider attacks. Additionally, the report said that "Insider incidents are more costly than external breaches," which makes this vulnerability even more concerning.

"This important vulnerability is in fact buried on the last line of page 196 of the IEEE 802.11 Revised Standard published in 2007," said Pravin Bhagwat, CTO of AirTight. "That's the reason we gave the vulnerability the moniker 'Hole196'."

"Unlike the TJX breach where data was stolen over unsecured Wi-Fi, this finding is concerning because organizations are relying on WPA2 for its strong encryption and authentication. Since there is no fallback in the 802.11 standard to address this hole, AirTight felt it was important to raise awareness around it," added Bhagwat. "As any security best practice you need a layered approach because one size does not fit all.

How "Hole196" Works

Unlike the WPA-TKIP vulnerability (announced in November 2008) that was largely of theoretical interest, the "Hole 196" vulnerability can be practically exploited using existing open source software as the basis. And the footprint of such insider attacks is limited to the air, making them among the stealthiest of insider attacks known requiring no key cracking and no brute force! The only way to detect this is by monitoring traffic over the air.

802.3ba Ratified

Monday, 28 June 2010 18:37 Fusspils

IEEE announced the ratification of IEEE 802.3ba 40Gb/s and 100Gb/s Ethernet, a new standard governing 40 Gb/s and 100 Gb/s Ethernet operations. An amendment to the IEEE 802.3 Ethernet standard, IEEE 802.3ba, the first standard ever to simultaneously specify two new Ethernet speeds, paves the way for the next generation of high-rate server connectivity and core switching.

The IEEE 802.3ba standard, ratified June 17, 2010, addresses critical challenges facing technology providers today, such as the growing number of applications with demonstrated bandwidth needs far exceeding existing Ethernet capabilities, by providing a larger, more durable bandwidth pipeline. Furthermore, collaboration between the IEEE P802.3ba 40Gb/s and 100Gb/s Ethernet Task Force and the International Telecommunication Union’s Telecommunication Standardization Sector (ITU-T) Study Group 15 ensures these new Ethernet rates are transportable over optical transport networks.

The new standard will act as the catalyst needed for unlocking innovation across the greater Ethernet ecosystem. IEEE 802.3ba is expected to trigger further expansion of the 40 Gigabit and 100 Gigabit Ethernet family of technologies by driving new development efforts, as well as providing new aggregation speeds that will enable 10 Gb/s Ethernet network deployments.

Read More

Awsome new RDP tool

Thursday, 03 June 2010 19:13 Fusspils

Just found this excellent little RDP connection manager, simple fast and best of all free!

Get It Here

Explorer Crashing When Opening Certain Folder

Saturday, 12 June 2010 12:16 Fusspils

This is commonly caused by a corrupted media file such as a movie or image and windows not being able to render the thumbnail/preview
I fixed this for a client using the following steps..

1. Click Start > Run and type regsvr32 /u shimgvw.dll and click OK.

2. Click Start > Run and type regsvr32 /u shmedia.dll and click OK.

3. Delete the file that is corrupted.

4. Click Start > Run and type regsvr32 shimgvw.dll and click OK.

5. Click Start > Run and type regsvr32 shmedia.dll and click OK

The operation can’t be completed because you don’t have permission to access some of the items

Tuesday, 20 April 2010 12:03 Fusspils

This error drove me nuts for a time as I thought the problem lay with the Linux server rather than the clients. It turns out that a recent update to Snow Leaopard 10.6.3 caused errors in permissions while copying/accessing files on Samba shares.

Solution - "unix extensions = no" in smb.conf on the Samba file share server.. easy when you know how!

More Info

More Articles...

«
Start
Prev
1
2
3
4
5
6
7
8
Next
End
»

Page 1 of 8