So I get this note attached to a press release.
According to a recent Gartner report, 70 percent of successful wireless network attacks through 2006 will result from the misconfiguration of WLAN access points and client software. Network administrators are simply overwhelmed and without an intrusion detection system they have virtually no control over the security risks imposed via their PCs, cell phones and other devices.
Hackers using antennas made of Pringles containers, whiskey tins and coffee cans can lock into Wi-fi networks 25 miles away. Unfortunately, most enterprises only find out about this new emerging subculture of hackers when the damage to their network is already been done.
Full Mesh Networks, a managed security services provider, announced today the first fully managed Wireless Intrusion Detection service, a revolutionary new and low-cost approach to securing an organization’s wireless airspace from rogue devices and wireless hacking attempts.
A press relase was attached, but how could it be credible? 25 miles with a Pringles cantenna? Bullcrap! My advice to the PR folks. Exaggerated and sensational claims do not help the client.
Before you break the family piggie bank to latch onto “defensive” armor, use freeware like AirSnare to see if someone’s even paying attention to your wi-fi network.
And there have been credible reports of pushing the pringles can to 20 + miles unidirectional with a little tinkering, so it is not all that unfounded Mr. Dvorak.
Not sure about the Pringles cans, but the current record is 55+ miles using an old sat dish – see /.:
+——————————————————————–+
| DEFCON WiFi Shootout Winners Set A Land Record |
| from the congratulations-all-’round dept. |
| posted by timothy on Wednesday August 04, @07:52 (Wireless Networ|
| http://slashdot.org/article.pl?sid=04/08/04/0035235 |
+——————————————————————–+
obscience writes “While attending the DEFCON 12 convention this past weekend I had the chance to see the standing ovation a group of 19 year olds received for establishing a 55.1 mile unamplified WiFi connection!” A snippet from the Wired story linked there: “Mobile warriors having trouble making a wireless connection across the hall might want to give some Ohio teens a call. This weekend they were able to make a 55-mile Wi-Fi connection. … They might have achieved an even greater distance, Justin Rigling said, “but there was no road left.””
They should ban teenagers from buying Pringles; they should pass a law requiring one to be 18 years old and have proof of id to purchase Pringles.
Haha, that’d be hilarious.
I’ve been exploring Onion Routing as part of my Linux Deployment. From what I can tell, most of the solutions out there for wireless networking are expensive toys or insecure.
Here’s some info on Onion Routing
Onion Router adds a layer of encryption for each Onion Router in the route. As data moves through the anonymous connection, each Onion Router removes one layer of encryption, so it finally arrives as plaintext.
Onion Routing prevents the transport medium from knowing who is communicating with whom — the network knows only that communication is taking place. In addition, the content of the communication is hidden from eavesdroppers up to the point where the traffic leaves the OR network.
http://www.onion-router.net/
Also you might want to see this link http://www1.cs.columbia.edu/~ji/F02/proj/
I wonder what they mean by unamplified. I’m sure they were using targeted antenna and full power as opposed to a Pringles can. It’s not that two Pringles cans cannot hit 20 miles (although I doubt it) it’s that they have to have some juice and be aimed at each other. The BS press note had this as a “casual” long range hit. Not going to happen. Maybe with a 10 foot dish, but not with a can.
I saw a Pringles can story on the news awhile back. I never heard anything more about it, until now. At least Pringles is getting a free blurb. Maybe this is some kind of new marketing gimmick, where you get buzz going about something that starts alarm bells off and everyone starts buying more Pringles. Whatever it is, at least people are recycling thosee Pringles containers.
Here’s a Pringles can that pulls about 12db! That’s what they say.
http://www.oreillynet.com/images/weblog_graphics/flickenger/shotgun-200.jpg
http://www.oreillynet.com/cs/weblog/view/wlg/448
So, 70% of successful attacks will be due to misconfiguration of access points and client software?
But, all they are selling is a fully managed Wireless Intrusion Detection service? I hope it is “low-cost”, if all it is doing is letting you know you’ve been hacked.
It seems you would be better-off fixing the configuration settings, which would directly solve 70% of your intrusion issues.. 🙂
Computer Consulting Services: Selling the Network as Security and Data Protection…
Small business prospects and clients may view your computer consulting services as part of their insurance policy. You write up a service agreement that lists what’s covered and what’s not, as well as various parameters for coverage. Then each month,…