Every Techie needs to read something.

Monday, February 12, 2007

5 Reasons to leave your Wireless Devices turned off at the RSA conference

This is all from the article "RSA: Attendees drop ball on Wi-Fi security" over at ComputerWorld. The wireless security vendor AirDefense Inc was monitoring the Wireless networks during the conference. Here are some of their findings, and the reasons I would have my wireless turned off if I were at the RSA conference.

1. 30 Devices pretending to be access points.
Not only were they pretending to be access points, but they were pretending to be access points from the conference network. One of them even had a self-sign certificate made to look like the conference authentication server. Others were configured to look like T-Mobile and IBAHN access points, as well as the access points of local hotels.

2. I like my service, so please don't Deny it.
There were 57 Denial of Service attacks on the first day of the conference, including jamming and de-authenticating clients. What fun.

3. Lots of Scanning
NetStumbler and similar programs were scanning for access points regularly. The article says that it was by attendees, but who can really be sure.

4. I don't want anyone else controlling my computer.
On the second day of the conference, one attacker had taken over 8 machines, and was using them to launch attacks on other machines.

5. I should be the only one who knows my password
A whole bunch of the clients connecting to the bogus access points were advertising domain information, including authentication server, user name, computer name, as well as sending out the authentication hashes which contained username and password.

Making it a little easier for the bad guys
AirDefense Inc, also found that more than half of the wireless devices in use at the RSA conference were not secure. Remember, the RSA is the security division of EMC, and the attendees are the people responsible for their company's computer security.

This would be like finding out Bill Gates uses Linux, that Steve Jobs has a Windows Logo tattooed on his rear, or going to a hair stylist who has a mullet.

Some other things they found were unsecured wireless access points with two notorious names, one named "Free Internet Access" and one called "Linksys". Not only were these access points out there, but 70 devices connected to them on the first day, and 87 on the second day!

There were obviously other "security experts" in attendance
Obviously there were hackers there, trying to mess around with the experts. I think that I will make sure to turn my wireless off anytime I go to a big conference like this one. I remember reading something about all the stuff going on at the last DEF CON.

I wonder if anyone was checking this at CES. I know there were a whole slew of people blogging from there.

No comments: