First time on my blog "WiFi Security?" Want to know more about WiFi Security? Need some fresh software to secure your WiFi connection?

Subscribe to blog updates by Email or RSS

Each week you will get a new post about WiFi Security. I promise you, my dear reader! Or you will unsubscribe :-)



Tuesday, May 25, 2010

Ruckus Wireless Awarded Wi-Fi Security Patent for Dynamic Authentication and Encryption

A new Advances Wi-Fi Security Innovationan that Simplifies Allowing Encryption Keys to be Automatically Generated for Each Wireless User and Installed on the End User Devices

SUNNYVALE, Calif., May 24 /PRNewswire/ -- Ruckus Wireless™ today it is announced that it get a patent from the United States Patent and Trademark Office (USPTO) for an innovation that radically simplifies the configuration, administration and strength of wireless network security. This patent is one of nearly two dozen patents granted to Ruckus with dozens more pending approval.

The new technique, commonly known as Dynamic Pre-Shared Key (PSK), effectively eliminates tedious and time-consuming manual installation of encryption keys, passphrases or user credentials needed to securely access a wireless network. Dynamic PSK changes this model by dynamically generating strong, unique security keys for each authenticated user, automatically installing these encryption keys on the end user devices with little or no human intervention.

With the explosive growth of Wi-Fi networks around the world, organizations struggled with how to streamline the complexity and cost of implementing robust wireless security. Many companies have used a passphrase that must be shared among many users and manually entered into client devices. If this "pre-shared key" becomes known or stolen it must be changed for all users and manually re-entered into every client device.

A popular alternative to the pre-shared key approach is an elaborate security framework (e.g. 802.1X) that requires information, such as unique certificates or supplicants, to be installed on every user device. Deploying such systems requires a high level of technical expertise as well as ongoing technical support for users.

"Concerning the Wi-Fi there were two ends of the security spectrum" said Steve Martin, VP of Engineering for Ruckus Wireless. "On the one end is the simple approach that makes life easy for network managers but creates potential security concerns for companies. On the other end is a very robust but often overwhelming security framework, such as 802.1X, that requires a tremendous amount of a time and an effort to implement. We've created the best of both worlds with a user-friendly and low maintenance method for providing a high level of wireless security".

Using Dynamic PSK, organizations can now streamline the administration of wireless security with the confidence of knowing that their wireless network is protected. Integrated into all Ruckus ZoneDirector wireless LAN controllers at no cost, Dynamic PSK technology is an independent-device and works on laptops and handheld Wi-Fi enabled devices.

How Does Dynamic PSK Work?

When a user initially accesses the wireless network, they are authenticated through a captive portal on the Ruckus ZoneDirector. This information is checked against any standard back-end authentication server such as Active Directory, RADIUS or an internal database on the ZoneDirector.

Once the user has successfully authenticated, Dynamic PSK technology automatically generates a unique encryption key for that user device. This key is downloaded to the client and automatically configured, along with the requisite Wi-Fi information. This eliminates users from having to manually configure anything and dramatically reduces the technical support burden on IT staff.

Each Dynamic PSK is bound to a specific client device and has a configurable lifetime. With Dynamic PSK, organizations control the length of time that each key is valid in increments of hours, days, weeks or months. Once the key expires, users must re-authenticate. If a user device is stolen, others on the network are not at risk. Network managers only need to delete the compromised user or device record in their authentication database.

"The simplicity of these technologies, like Dynamic PSK, truly changes the game for wireless deployments," said Matthew Crandall, Associate Director of Information Services at Johnson College in Pennsylvania. "Dynamic PSK has been a remarkable time-saving tool for us -- eliminating the hassle of configuring each and every end user device while still giving us state-of-the-art Wi-Fi security.

"Like a lot of organizations, we demanded strong wireless security but didn't want the management hassles associated with it. Dynamic PSK breaks through the conventional problems that have inhibited implementing a simple and strong wireless security architecture that easily scales," concluded Crandall.

Johnson College operates a campus-wide 802.11n Wi-Fi network across 13 buildings. When new users access an open "provisioning" wireless network (SSID), they use secure HTTPS to authenticate against Johnson College's user directory. Once authenticated, user devices are automatically configured with a unique encryption key and required SSID information. The devices then securely connect to the appropriate Johnson College wireless network.

About Ruckus Wireless, Inc.

Headquartered in Silicon Valley, Ruckus Wireless is a manufacturer of advanced "Smart Wi-Fi" technology and wireless LAN (WLAN) systems used by enterprises and carriers around the world. Ranked as the top telecom company in the 2009 Inc. 500 list and named a World Economic Forum Technology Pioneer, Ruckus has developed patented technology that uniquely extends signal range and allows for consistently reliable distribution of delay-sensitive multimedia content and services over standard 802.11 Wi-Fi. Its flagship product line, ZoneFlex, is the first centralized wireless LAN system to combine state-of-the-art Wi-Fi smart antenna arrays and wireless meshing to deliver maximum range and reliable performance at the lowest cost. Leading broadband operators use its MediaFlex multimedia routers to extend wireless digital services such as IPTV throughout subscribers' homes worldwide. Ruckus has raised approximately $51 million from premier investors such as Sequoia Capital, Focus Ventures, Sutter Hill, Motorola, T-Ventures, Telus, Mitsui and others. Ruckus Wireless is led by Ms. Selina Lo, president and chief executive officer. For more information, visit Ruckus Wireless at http://www.ruckuswireless.com.

Media Contacts


Nancy MacGregor Hill
RealTime Communications


nancy@realtime-comm.com


+1-510-733-6228 office


+1-415-309-5185 mobile




David Callisch


Ruckus Wireless


david@ruckuswireless.com


+1-408-504-5487



Like this post? Why not to Subscribe to WiFi Security news by Email for FREE

Monday, May 3, 2010

Arbor Networks Offers Virtual Network Security Tool

Arbor Networks, whose technology detects abnormal network traffic flow, now offers its PeakFlow monitoring tool for use in virtualized environments. PeakFlow X Virtual 4.2 is the alternative to PeakFlow X software that monitors packet flow through network routers and switches, alerting system administrators if traffic spikes above normal patterns, such as in the case of a distributed denial of service (DDOS) attack. The virtual version of the software is designed to run in VMware's ESX and ESXi hypervisors.

PeakFlow SP was introduced in 2000, targeting telecommunications service providers such as Verizon, AT&T, British Telecom and others that operate vast global networks and also serve as Internet service providers (ISPs). The appliance sampled about one packet in 100,000 to extrapolate from there network traffic patterns. In 2006, Arbor introduced PeakFlow X, which was targeted at enterprises and sampled 100 percent of network traffic, said Tom Bienkowski, director of product marketing for Arbor Networks.

Increasingly, though, service providers are showing an interest in also using the enterprise version of PeakFlow as they become managed security service providers (MSSPs) to their customers, said Bienkowski. Frost & Sullivan estimates that the size of the global managed security service market will grow to about $2.5 billion in 2015, from about $1.5 billion this year. Offering the virtualized product makes providing that security more cost-effective for MSSPs. "The virtual version of the X products allows these service providers to deliver those managed services much more economically. It's much easier, there's less rack space -- all the advantages of being virtual," Bienkowski said.

DDOS attacks are growing in size and severity, he added. Arbor Networks' own analysis reports DDOS attacks in 2007 of as high as 40Gbps, up from just 10 Gbps in 2004, and the rise of cloud computing is only going to create richer targets for attacks and more opportunities for companies such as Arbor Networks, said Jennifer Pigg, an analyst with Yankee Group. "[In the cloud] there are things moving in and out of the network that you can't pin down the location for, you don't know where the resources are located so it becomes a real security vulnerability, and it becomes that much more difficult to trace where there is something like a denial of service attack," Pigg said. Arbor Networks can appeal to a large market of both ISPs and enterprises that are creating clouds for their own use or as a public cloud offering, Pigg added.

Arbor Networks competes against companies like Lancope, with its StealthWatch line of network monitoring technology, and Mazu Networks, whose Mazu Profiler software also does network behavioral analysis. But Pigg said there are other companies in the domain name system (DNS) space that also provide DDOS notification, such as Neustar and Nominum.

Source: networkcomputing.com


Like this post? Why not to Subscribe to WiFi Security news by Email for FREE

Why WiFi Security and encryption matter?

Recently there seems to be a never ending stream of information leaks percolating through the news. Several states mandate wireless networks implement encryption and the Federal government is looking at forcing companies to disclose information leaks to affected customers. Of course any information leak or unauthorized access to sensitive data on a personal or even worse business network may present a myriad of liability issues.

Wireless networks are often targeted and most of them are not up to the standard of security that is publicly available. Using no encryption leaves your network immediately open to attack. This means any third party can connect in to your network, discover resources like shared files or computers that are vulnerable and gain access. There is not much, if any legal protection afforded in this situation as the network is open.


WEP (wireless equivalent privacy) is an older standard that for its time was certainly better than no encryption, but these days it is not much more secure than leaving the network wide open. The reason is that there exist several fundamental flaws in the WEP algorithm that leave your network vulnerable, including, but not limited to:


  1. Passive attacks to decrypt traffic

  2. Active attacks to inject new traffic from unauthorized nodes

  3. Active attacks to decrypt traffic based on fooling the AP (access point)

  4. Dictionary-based attacks that may take some time, but allows full decryption of all network traffic



These attacks are simple to configure and can be implemented with off the shelf equipment, including many standard laptop configurations. Furthermore, WEP uses RC4 encryption, a weaker and older form of stream-based encryption that is easy for attackers to exploit because of its vulnerable key exchange mechanism and the lower grade cipher used.

Many routers are setup to use WEP encryption, even those supplied by Internet providers. If you are using WEP (or no encryption at all) it’s best to consider using WPA2 with AES encryption. This is the highest publicly available wireless encryption standard. If your router or wireless card does not support this standard now would be a good time to consider upgrading.

Source: arlingtonvacomputerrepair.com


Like this post? Why not to Subscribe to WiFi Security news by Email for FREE

HOWTO setup WiFi Security on your router and connect to your wireless network

This guide will show you how to put a security code on your wireless network so strangers can not access your Internet, how to connect to a secured wireless network. Router configuration addresses D-Link 192.168.0.1 Linksys 192.168.1.1 Belkin 192.168.2.1 Netgear 192.168.0.1



Source: articlemarks.com

Like this post? Why not to Subscribe to WiFi Security news by Email for FREE

White Paper - Modern Network Security: The Migration to Deep Packet Inspection

Where attacks like Smurf, Fraggle and the Ping of Death were the key threats in years past, now attacks such as "Microsoft IIS 5.0 printer ISAPI extension buffer overflow vulnerability" and "Unicode directory traversal" are more prevalent, albeit much less imaginatively named...

Read more in the white paper.

Download White Paper

Source: whitepapers.hackerjournals.com

Like this post? Why not to Subscribe to WiFi Security news by Email for FREE

Sunday, May 2, 2010

Texas Network Security Systems are Tighter Than a Biscuit

Network security is one of the most important factors to be considered while setting up a network at home or at the office. An unsecured network will result in loss of information and data. Network Security in Austin Texas plays a very important role to the people of Texas as their computers may be given a potential threat from the Internet.

More over cyber crimes are increasing tremendously these days which is to be considered as a matter of great importance. Austin Texas Network Security should be strengthened by all the computer users of Texas so that they can be safe about their data and information.

Most people in Texas do not still know what network security is and the dangers that can be caused by the security breach. Any one can get into the computer of an unsecured or unprotected network and can use the data or information that is available in the system.

If the Austin Texas Network Security is too weak then hackers can easily modify the data or even destroy the data present in the computer. Network Security in Austin Texas depends on the protection and the security of the network in which the computer is connected to.

Network security is basically not about updating programs in the system and rather it is removing the malware, spyware and other intruding programs that damage the capability of the system. Network Security in Austin Texas should be made available to all the people in the city and everyone should be aware of the potential dangers of an unsecured network.

Austin Texas Network Security comes into a role where the people of the city are working with an always on Internet connection where the chances of getting a security breach are high. With high speed Internet connections coming to reality people should be very much aware of the network security.

Every person in the city of Texas who has a system and which is connected to a network which can be a local area network or a wide area network should be very careful about his network. Austin Texas Network Security is used by the people only when their system is affected by a virus program or there has been a loss of data in their system.

Most companies forget the danger of an unsecured network which can result in a great loss to the company as the company secrets and their information can go destroyed without Network security in Austin Texas. If one system is affected by a virus which is connected to an unsecured network every person in that network has the chance of getting that virus very easily if Austin Texas Network Security not proper.

A malicious code can cause the whole system to crash without the knowledge of the user of the system if the Network security in Austin Texas is weak. The damage is very strong that even a bank’s network or an airline or any company in the city can be completely shut down due to poor Austin Texas Network Security.

The damages due to these are increasing every year and so the people should be careful about their computers and make sure it is secured while it is connected to a network.

Source: tech.yug.com


Like this post? Why not to Subscribe to WiFi Security news by Email for FREE

Thursday, January 28, 2010

WEP Wireless Security Stinks – Find Out Why

A part of securing your network needs of your wireless access points. Wireless access can be dangerous to your network. Most people do not know how easy it is to use wireless access points. Let me illustrate my point. I went one afternoon and took my trusty laptop with me. The task was to scan this afternoon "open" wireless access points. An "open" wireless access point is one that has no encryption, or security, on the signal.This allows anyone to listen to your stream.

If you still can not get, it's a very bad thing! So I drove for about 2 miles through a small business district and apartment complex. What was the outcome? Oh, about 45 open wireless networks. This means that I could subscribe to those networks, scan it, and to use machines connected to that network. I did not do it, but you my drift. The lesson here is to encrypt your wireless data stream.

Some people think that the choiceWEP encryption provides great wireless security. It would be wrong. Your wireless router may have an option for WPA and WEP. You should always choose WPA security over WEP. Let me explain why. I set up a wireless network in my home. I enabled WEP security with 128-bit encryption. The "strong" security for WEP encryption. I wrote the security key and then I started my test. My aim was to hack my own WEP wireless network. I thought it woulda really difficult task. I was wrong.

I shot on my Linux laptop. Linux is simply an alternative operating system to Windows. This particular Linux distribution or Linux variant was a safety issue. This gave me all kinds of tools to scan for wireless networks and exploiting. A typical hacker is all these free tools are available. I then fired up Kismet. Kismet is a great Wi-scanning program. I have my wireless network in the list. Ifound the connected client and the access point or router. Then I went to a typical type of attacks do on the network. Hackers have to dig what a "package" from a computer that already has the key for the secure wireless network. The hacker can then this package to replies from the router. Why is this so important? This allows the hacker a tremendous amount of data from the access point to collect. And they can eventually crack the hacker on the WEP securityKey.

So I went to my own hacking WEP wireless router. I "deauthenticated" my computer that was already connected to the router. This gave me the package I needed for the router. Then I started sending this packet to the router a lot. Once I had enough data from the router, I then went to a cracking program. Viola, it cracked the key in about 1 second. After the dust settled, I had cracked my WEP security in less than 30 minutes! But would the typical userI chop? Probably not. The only thing they would see is that their wireless connection for a moment lost. This is when I deauthenticated "grab" them from the network of "packet" I needed it.

Remember, I had my set WEP encryption to 128 bits. This is a high level of encryption. But it does not matter. All the hacker needs is a signal to crack a little time to them. Remember that hackers like house thieves. You will walk on the path of least resistance. TheYour wireless signal is harder to crack, the less likely that you will be hacked. They will simply move to the next "open" network, or with poor encryption. Do yourself a favor, and always choose WPA wireless security to WEP.





Like this post? Why not to Subscribe to WiFi Security news by Email for FREE