Wireless Vulnerabilities & Exploits
Wireless Vulnerabilities & Exploits
WVE is the source for in-depth information on wireless vulnerabilities. It provides a standardized nomenclature for Vulnerabilities in wireless protocols and products, and the Exploits which take advantage of these vulnerabilities. It is also a database or catalog of these vulnerabilties and exploits.
We are very excited to announce that the SANS Institute has become an official sponsor of the WVE project. Many of our readers know the SANS Institute as a well-respected, global authority for information security training, certification & research. SANS is widely known for their significant contributions to the information security community through research publications and the Internet Storm Center.
Like WVE, the SANS Institute is dedicated to helping the community with valuable information resources, and we are happy to have them sponsor us. Welcome, SANS Institute!
Security analyst Raul Siles has developed a paper on the use of wireless honeypot (dubbed "honeyspot") technology to study the skills and capabilities of wireless attackers. Describing the architecture and deployment of a wireless honeypot, Siles' paper is a valuable resource for enhancing the security of wireless networks, either as an attacker skillset and technique analysis tool, or as a deterrent to ward attackers away from other networks (e.g. "Pay no attention to the man behind the curtain"). More information is available on Raul's blog post or you can grab the paper from the Spanish Honeypot website. Thanks Raul!
Following his RSA 2008 presentation titled "High Speed Risks in 802.11n Networks", WVE editor Joshua Wright has posted his slides. New WVE entries pertaining to these issues have also been created. Comments are most welcome. Thanks!
New entries highlighting vulnerabilities in IEEE 802.11n networks are being added to the database. This is in coordination with WVE editor Joshua Wright's presentation tomorrow at the RSA 2008 conference in San Francisco titled "High Speed Risks in 802.11n Networks". Presentations slides will be posted on Josh's website, and linked here on the News page. If you are at the RSA conference, be sure to catch Josh's presentation at 8:00am on Thursday (WIR-301).
Two WVE editors, Mike Kershaw and Joshua Wright, have been selected as speakers at the first annual SHARKFEST conference. This Wireshark developer and user event is 3 days of training and discussions on network analysis, troubleshooting, security, Wireshark development, communications dissection and more.
Mike Kershaw is giving a session titled "WLAN Analysis & Security", focusing on security analysis with Wireshark. Joshua Wright is giving a session titled "Leveraging Wireshark for Wireless Network Analysis", focusing on WLAN operational troubleshooting and debugging.
SHARKFEST.08 is on March 31 - April 2 at Foothill College in Los Altos Hills, CA. More information including an agenda for the conference is available on the SHARKFEST website.
