Wi-Fi Planet Expo Attracts Latest Hacking Tools

SAN JOSE, Calif., December 17, 2003. A trade show for wireless LAN vendors turned into a battlefield for wireless hackers to show off their advancing tools that threaten the numerous wireless users who remain naive to the known security issues.

AirDefense monitored all wireless LAN activity at this month's Wi-Fi Planet Expo in San Jose, Calif., and discovered the increasing accuracy and sophistication of the latest wireless hacking tools. In a single day at the conference, AirDefense observed 21 attempted Man-in-the-Middle attacks that break the secure connection of a VPN to inject an intruder between a wireless station and the access point.

Of the 21 attempted Man-in-the-Middle attacks, 16 were successful, which compares to just three successful attacks out of 32 attempted attacks in three days at the June Wi-Fi Planet conference.

"Wireless LAN hacking tools have always been widely available, but they required knowledgeable techies to use them correctly," said Richard Rushing, AirDefense vice president of technical services. "As wireless LANs have grown in popularity, these tools have become easier to use and reap more harmful results."

AirDefense recorded another 33 advanced attacks that exploited the Extensible Authentication Protocol (EAP), which also includes attacks against Lightweight Extensible Authentication Protocol (LEAP). These EAP attacks break a wireless LAN's authentication by attacking the authentication server or brute forcing an authorized user's password.

75 Denial-of-Service attacks targeted at specific access points or stations
12 DoS-Cloud attacks that de-authenticate everyone on a specific channel
125 attempted identity thefts by spoofing an station's MAC address -- 25 FakeAP attacks that broadcast hundreds of non-existing SSIDs -- 89 network scans from tools such as Netstumbler and Wellenreiter.

Despite the malicious activity in the air, wireless LAN users disregarded the security concerns in alarming numbers with poor laptop configurations and insecure use of email across unencrypted public wireless LANs. On this one day of the conference, only 6 percent of corporate email downloads were conducted through the secure tunnel of a VPN.

"Without a secure connection to an enterprise email account, a wireless station exposes the email account name and password to anyone passively sniffing the WLAN traffic," Rushing said. "Public wireless LANs cannot be trusted with such sensitive information. Anyone who downloaded email at the conference should change their password immediately."

Other vulnerabilities included 89 user stations that were configured to allow ad hoc networking. These direct connections between devices allow for easy file sharing but offer little security or authentication. An executive's laptop in ad hoc mode opens the door to allow a hacker to connect to the laptop without the owner's knowledge, access all shared files and launch direct attacks.

In fact, an ad hoc network was detected using the SSID of "wifiplanet" which tricked as many as 10 stations to connect to this ad hoc network when they were probably looking to connect to the conference's public access points.

Other concerns among the stations and devices included 130 user stations with insecure default settings of Windows XP that broadcasted probes looking for networks that were not at the conference.

AirDefense utilized its wireless LAN intrusion detection and monitoring system to stealthily observe the conference's wireless LAN airspace and detect these attacks and threats.

For more information, go to www.airdefense.net

Military & Aerospace Electronics

Get All the Military Aerospace Electronics News Delivered to Your Inbox or Your Mailbox

Subscribe to Military Aerospace Electronics Magazine or email newsletter today at no cost and receive the latest information on:

  • C4ISR
  • Cyber Security
  • Embedded Computing
  • Unmanned Vehicles

Military & Aerospace Photos

Most Popular Articles

Wire News provided by   

Press Releases

Model INCX-4001

The INCX-4001 consists of a high quality audio transceiver specifically designed to implement a complete fiber optic intercom.

Model PS-1210

The PS-1210 is a 1A, 12VDC stand-alone or rack mountable non-switcher (no RF noise) power supply.

Model OS-3121

Optical switches are utilized to disconnect, bypass and reroute fiber optic communications. All of these optical switches are purely optical path, there is no optical to e...


New Design Tools That Help You Develop Radar That Sees the Un-seeable and Detects the Undetectable

Xilinx EW/ISR System Architect, Luke Miller, has new tricks and he’s going to tell you all about them in a new Xilinx Webinar—for free. His Webinar will cover new ways to implement Radar functions including ...
Sponsored by:

All Access Sponsors

Mil & Aero Magazine

July 2015
Volume 26, Issue 7

Download Our Apps




Follow Us On...


Military & Aerospace Electronics

Weekly newsletter covering technical content, breaking news and product information

Cyber Security

Monthly newsletter covering cyber warfare, cyber security, information warfare, and information security technologies, products, contracts, and procurement opportunities

Defense Executive

Monthly newsletter covering business news and strategic insights for executive managers

Electronic Warfare

Quarterly newsletter covering technologies and applications in electronic warfare, cyber warfare, optical warfare, and spectrum warfare.

Embedded Computing Report

Monthly newsletter covering news on embedded computing in aerospace, defense and industrial-rugged applications

Unmanned Vehicles

Monthly newsletter covering news updates for designers of unmanned vehicles