Free Newsletter

Get the latest news on WiFi, WiMAX, muni WiFi and other hot wireless broadband topics and technologies.

FierceWiFi brings wireless broadband news to over 48,000 wireless industry insiders. Sign up for the free FierceWiFi weekly email briefing.
 *   *
 
 *

Editor

New Windows WiFi security flaw discovered

As Saturday Night Live's Rosana Rosanadana would say, "It's always something--if it's not one thing, it's another." Just look at Microsoft's eagerness to help WiFi users by tweaking Windows XP or 2000 so that when a PC or laptop with these operating system boots, it automatically tries to connect to a wireless network. Helpful feature--but also a chink in the system's armor. Here is how it works:

When a PC running Windows XP or Windows 2000 boots up it automatically tries to connect to a wireless network. If the computer can not set up a wireless connection, it will establish an ad hoc connection to a local address. This connection is assigned an IP address and Windows associates this address with the SSID of the last wireless network to which it connected. The PC will then broadcast this SSID, looking to connect with other computers in the immediate area. Here is the danger: If an attacker listens for computers which are broadcasting in this way--and create a network connection of their own with that same SSID--this would allow the two machines to associate together, thus giving the attacker access to files on the victim's PC.

Security experts urge three things: Users with Windows XP who have not yet installed SP2 should do so; commuters should also get personal firewalls; and users should disable the WiFi sniffing feature when not using WiFi (how many of our readers are aware that their computers tend to connect to the peer-to-peer network in such a way?). Companies sending their employees on the road with laptops should have the company's system administrators block ports 135, 137, 138, and 139 from accepting NetBIOS connections.

For more on Windows WiFi vulnerability
-read Tom Espiner's c|Net report

MORE: Meru Networks says its new security solution provides a new layer of protection beyond encryption, firewalls, and intrusion protection by going to the signal-level. Using the company's AirShield Technology, the new Security Services Module (SSM) software does three things. The first is micro-scan the area using APs and switches. The second is radio jamming for mitigating rogue APs.  Finally, transmission scrambling takes advantage of the antennas Meru uses on its APs and switches, so only the sender and receiver of the packets intended will ever see them, all other clients on the network see white noise. Story.

Trackback URL for this post:

http://www.fiercewifi.com/trackback/942