Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

[802SEC] Yahoo! News Story - Feds look at wireless LANs


Angela Ortiz
Program Manager - Technical Program Development
IEEE Standards, 445 Hoes Lane,
Piscataway, NJ  08855-1331 USA
Telephone: 1732-562-3809  ><  Fax: 1732-562-1571
E-m:   ><

----- Forwarded by Angela Ortiz/STDS/STAFF/US/IEEE on 08/19/2002 05:38 PM
                    Karen Mc Cabe                                                                                  
                                         To:     Judith Gorman/STDS/STAFF/US/IEEE@IEEE, Karen                      
                    08/19/2002            Rupp/STDS/STAFF/US/IEEE@IEEE, Susan Tatiner/STDS/STAFF/US/IEEE@IEEE, Bob 
                    05:30 PM              Labelle/STDS/STAFF/US/IEEE@IEEE, Susan Tatiner/STDS/STAFF/US/IEEE@IEEE,  
                                          Mary Lynne Nielsen/STDS/STAFF/US/IEEE@IEEE,           
                                         cc:     Debora Wernoch/STDS/STAFF/US/IEEE@IEEE,          
                                         Subject:     Yahoo! News Story - Feds look at wireless LANs               

FYI re: IEEE 802.11x and a US government recommendation.

Karen McCabe
Senior Marketing Manager, IEEE Standards
445 Hoes Lane, PO Box 1331
Piscataway NJ 08855 USA
PH: +1 732 562 3824
----- Forwarded by Karen Mc Cabe/STDS/STAFF/US/IEEE on 08/19/2002 05:29 PM
                    Yahoo! News                                                                                           
                    <refertofriend@reply.       To:,                              
          >                  cc:                                                                       
                                                Subject:     Yahoo! News Story - Feds look at wireless LANs               
                    08/19/2002 03:12 PM                                                                                   
                    Please respond to                                                                                     

Marsha Longshore ( has sent you a news article

Personal message:

FYI.. Deb, this goes with the NIST newsletter item you just mentioned.

Feds look at wireless LANs

                                                       News Home - Yahoo! - Help 
                                                     (Embedded image moved to    
                                                     file: pic31762.gif)         


 Welcome, Guest             Personalize News Home Page (Embedded image moved to 
                                                file: pic28423.gif)  -   Sign In 

 Yahoo! News   Monday,                                                           
 August 19, 2002                                                                 
                                     | (*) News Stories       |                  
                                     | ( ) News Photos        |                  
                                     | ( ) Audio/Video        |                  
                                     | ( ) Full Coverage      |                  
                                     | ( ) The New York Times |                  
                                     | ( ) All of Yahoo!      |                  


 (Embedded image     Technology - MacCentral                                        
 moved to file:                                                                     
  News Front Page                                                                   
  Top Stories                                                                       
                     Feds look at wireless LANs                                     
  World              Mon Aug 19, 8:43 AM ET                                         
                     By Ellen Messmer, Network World (US)                           
  Sports             A federal agency is readying a report that will recommend      
 (Embedded image     against the U.S. government using wireless LANs -- except when 
 moved to file:      applying a long, detailed list of security controls.           
  Oddly Enough       Even though wireless LANs are a billion-dollar business and    
                     growing fast, reports such as the one coming out from the      
  Op/Ed              National Institute of Standards and Technology (NIST) continue 
                     to dog the technology.                                         
  Local              Sources say, the U.S. Department of Defense ( news - web sites 
                     ) also is said to be considering restrictions on wireless LAN  
  Comics             usage for classified and nonclassified environments.           
  News Photos                                                                       
                     What NIST is advising                                          
  Most Popular       Among NIST's recommendations is that wireless LAN access       
                     points be located only where no unauthorized individuals can   
  Audio/Video        access them.                                                   
  Full Coverage                                                                     
                     With freeware such as AirSnort, hackers have been known to     
  Lottery            access wireless LAN access points from up to 1,000 feet away.  
                     NIST also suggests that agencies put firewalls between         
                     wireless and wire-based LANs. Another 50 or so recom!          
                     mendations will be included in the report, called "Wireless    
 News Resources      Network Security."                                             
                     The NIST report arrives at a time when the IEEE is attempting  
  Providers          to standardize on port authentication in 802.11 wireless LANs. 
                     The proposed 802.1X standard addresses several authentication  
  AP                 types, including passwords, certificates, media access control 
                     (MAC) addresses and the widely used Remote Authentication      
  Internet Report    Dial-In User Service protocol. But 802.1Xs progress hasn't     
                     been smooth, with a University of Maryland professor cracking  
  TechWeb            the technology earlier this year and companies such as Cisco   
                     Systems Inc. and Funk Software Inc. battling over how to       
  USA TODAY          bolster it.                                                    
                     But it's critical to move ahead on 802.1X because the 802.11b  
  MacCentral         specification, as the NIST report points out, lacks any "true  
                     authentication" of users. Only a user's wireless LAN-enabled   
                     device is authenticated via what's called the Service Set      
                     Identification (SSID).                                         
  News Alerts                                                                       
  denial-of-servic   The NIST report suggests that wireless LANs s! hould include   
  e                  VPN clients and gateways for privacy and authentication. Wired 
                     Equivalent Privacy (WEP), the 802.11 standard for encryption,  
  Department of      has been shown to be too easily broken using freeware such as  
  Defense            WEPCrack.                                                      
                     Report cites helpful vendors                                   
  (Embedded image    NIST singled out vendors such as Bluesocket and Vernier        
  moved to file:     Networks as being among those that deliver products that can   
  pic12268.gif)My    address wireless LAN security and privacy concerns.            
  Add Technology -                                                                  
  MacCentral to My   Searching out wireless LAN vulnerabilities is becoming a       
  Yahoo!             business. One start-up, AirDefense, has catalogued what it     
                     says are 100 types of denial-of-service ( news - web sites)    
                     attacks jamming the airwaves with noise to shut down wireless  
                     LAN access points, 27 attacks to take over wireless LAN        
                     stations, 490 different probes to scan wireless LANs for       
                     weaknesses and 190 ways to spoof media access control (MAC)    
                     addresses and SSIDs to assume the identity of another user.    
                     "The MAC address is unique, so only one should be trying to    
                     come into the wireless! LAN at a time," says Fred Tanvella,    
                     chief security officer at AirDefense, which developed a        
                     wireless LAN intrusion-detection sensor.                       
                     "So if someone is using a Cisco card and another a Lucent      
                     (Technologies Inc.) card, and they're trying to fake it, we    
                     can tell," he says.                                            
                     Government contractor Science Applications International Corp. 
                     (SAIC) is experimenting with a "honeypot" to detect and trap   
                     hackers trying to break into wireless LANs from a distance     
                     (sometimes referred to as "wardriving"). The goal is to gather 
                     information about how hackers get in.                          
                     While SAIC officials declined to discuss the project in depth, 
                     it is known to be based on Cisco wireless LAN access points    
                     deployed in the Washington, D.C., area.                        
                           Click here for all of today's news at MacCentral.        
                     < Previous Story                                               
                                     (Embedded image moved to file: pic09318.gif)   
                                                     Email Story                    
                                                  (Embedded image moved to file:    
                                                    pic05602.gif)  Print Story      
                                                                       Next Story > 
                      (Embedded image moved to file: pic31907.gif) Message Boards:  
                                             Post/Read Msgs                         
                     More Technology - Top Stories Stories                          
                      Nasdaq Calls It Quits on Asia   (AP)                          
                      Orbitz to Book Tickets Directly with American  (Reuters)      
                      OASIS Forms Group To Improve Web Services Management          
                      Take a look at who's instant-messaging you  (USA TODAY)       
                      Cult of the Mac - Is Anyone Switching?  (NewsFactor)          
                                                                        Free News   

                          Copyright  2002 Mac Central.