From SANS.org

--"Evil Twin" Wireless Access Points (24/20/19 January 2005)
Researchers at Cranfield University (UK) are warning that "evil twin" wireless access points could be used to intercept sensitive information such as passwords and user names. Attackers could jam legitimate access points and send a stronger wireless signal from a base station close to the client. Wireless users should make sure that the security measures on their devices are activated, and should be cautious about using wireless networks to transmit sensitive data. It is also recommended that personal firewalls are used. Security writer Wayne Rash offers advice on ensuring a secure hotspot experience.
http://asia.cnet.com/news/security/printfriendly.htm?AT=39214556-39037064t-39000005c
http://informationweek.com/story/showArticle.jhtml?articleID=57702643
Wayne Rash: http://www.securitypipeline.com/57702370

[Editor's Notes
(Pescatore): Using a cute new name like "Evil Twins" just causes confusion - this is just spoofing or a man in the middle attack. The hotspot industry does need to come up with a solution for spoofing for registered subscribers.
(Schneier): This is an interesting attack, and one that I suspect would be all too easy for even an experienced wireless user to get caught by, especially if he's using an unfamiliar wireless network.
(Shpantzer): This is an issue with the basic design of some wireless systems: The implicit trust that is given to the access point by the wireless endpoints. Some firmware in the wireless endpoints also looks for the strongest available signal and connects to it, again, without authenticating the access point as a legitimate source of connectivity.
(Guest Editor Joshua Wright): This weakness has been actively exploited by attackers since early 2003, commonly targeting hotspot wireless networks to steal passwords or other sensitive information. Organizations using mutual-authentication systems such as PEAP or EAP/TLS will mitigate this threat, since a client will identify the "twin" access point as a rogue device.]
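
The strongest-signal behaviour described in the editors' notes can be modelled next to a defender-side scan check. This is an added example, not part of the original post or of SANS NewsBites; the SSID, BSSIDs, security labels and the KNOWN_APS inventory are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    rssi_dbm: int      # higher (closer to 0) means a stronger signal
    security: str      # constructed labels: "open", "wpa-eap"

# Constructed inventory of the access points the operator actually runs.
KNOWN_APS = {
    "CafeHotspot": {"bssids": {"02:00:00:00:00:01"}, "security": "wpa-eap"},
}

# Constructed scan: the second beacon reuses the SSID with a stronger signal.
SAMPLE_SCAN = [
    Beacon("CafeHotspot", "02:00:00:00:00:01", -67, "wpa-eap"),
    Beacon("CafeHotspot", "02:00:00:00:00:99", -38, "open"),
    Beacon("OtherNet", "02:00:00:00:00:42", -70, "open"),
]

def strongest_signal_choice(beacons, ssid):
    """What a client does when it trusts the SSID and picks by signal alone."""
    candidates = [b for b in beacons if b.ssid == ssid]
    return max(candidates, key=lambda b: b.rssi_dbm, default=None)

def evil_twin_findings(beacons, known=KNOWN_APS):
    """Flag beacons that claim a known SSID but do not match its profile."""
    findings = []
    for b in beacons:
        profile = known.get(b.ssid)
        if profile is None:
            continue  # not one of our SSIDs, nothing to compare against
        reasons = []
        if b.bssid.lower() not in profile["bssids"]:
            reasons.append("unknown BSSID")
        if b.security != profile["security"]:
            reasons.append("security mismatch")
        if reasons:
            findings.append((b, reasons))
    return findings

if __name__ == "__main__":
    print("client would join:", strongest_signal_choice(SAMPLE_SCAN, "CafeHotspot"))
    for beacon, reasons in evil_twin_findings(SAMPLE_SCAN):
        print("suspect:", beacon.bssid, beacon.rssi_dbm, ", ".join(reasons))
```

A BSSID can be copied, so the inventory check is a monitoring heuristic only; the control that lets the client itself reject the twin is the mutual authentication (PEAP or EAP/TLS) named in the last editor's note.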