Blog

Get the Newest Blog Direct to your Inbox

* indicates required
  • CWNP

MediaFlex-o-matic

I'm talking about Ruckus's MediaFlex.  Everything is automagic.  No, seriously.  Plug it in, wait a few seconds, and poof: you have an automatically-selected 5 GHz (40 MHz) UNII channel moving HD IPTV.  Coverage?  Not a problem with Transmit Beamforming (TxBF) - Ruckus's trademark feature.  The AP was downstairs in the basement, and the two TVs were upstairs.  Without TxBF, there's no way this could've happened in 5 GHz.  Clarity?  As good as the RG59 cable that our AT&T U-verse receivers were using prior to testing the Ruckus MediaFlex 7000 series system...and yes, I unplugged the RG59 cables before testing! :-)

Continue reading...

  • CWNP

Rogue AP Prevention: Duping (802)Dot1X Access Control

“You can't solve social problems with software” – Marcus Ranum

We have covered two sources of WiFi threats in my previous blog posts – Rogue AP and Client mis-configurations. It has been encouraging to see quality comments from readers – some of them have pointed out why 802.1X is the “preferred” way to mitigate the Rogue AP problem. In this post, we will dig a little bit deeper into this. IEEE 802.1X port-based access control provides an authentication mechanism for devices wishing to communicate via a port (e.g., a LAN port). If the authentication fails, it disallows further communication via the port. 802.1X is a simple form of Network Access Control (NAC) solution – a generalized NAC can provide additional functionality such as fine-grained access control, identity management, access management, and quarantining non-compliant clients (e.g., ones without proper anti-virus protection).

I think that 802.1X is a good first step in securing your network from Rogue APs. It does provide some control on the relatively deterministic part of the problem – the wire. However, as I had hinted in my earlier post, I believe that 802.1X (or even a generalized NAC, for that matter) alone is not sufficient for mitigating Rogue APs. Here are my reasons:

 

Continue reading...

  • CWNP

Determinism

Call it what you will: Deterministic, Utility, or Automatic.  I don't really care what you call it if you can make Wi-Fi "just work."  Every vendor will tell you a different story to tell on how to build "Wi-Fi that works" based on their own networking philosophy and feature sets, and every network administrator has a different view of what "Wi-Fi that works" means.

Continue reading...

  • CWNP

SWEETNESS!

That's what I think about it.  It's just pure sweetness.  Fluke buys AirMagnet.  I'll be the first to admit that I never saw it coming...never.  I thought it would be Cisco.  In hind-sight, the Fluke acquisition makes perfect sense of course.  Fluke has reigned in the Ethernet diagnostic market for years, and a young newcomer had taken that spot within the Wi-Fi market.  Fluke has had Wi-Fi diagnostic gear for some time, and their people are extremely committed to their cause, but their product portfolio simply hasn't stacked up against the market leaders...until now.  Apparently they have, in one very bold step, moved to center stage of the diagnostics market en total.  Unreal.

Continue reading...

  • CWNP

King of Websites

Be who you are and say what you feel, because those who mind don’t matter and those who matter don’t mind. – Dr. Seuss

OK, let's talk about Wi-Fi manufacturer websites.  Let's be totally honest: most of them just suck.  Don't worry, I'm not going totally negative here.  There is one company who has figured out just how important the public-facing part of the company really is.  I'll put my flag in the dirt right here: RuckusWireless.com is the best website in the Wi-Fi industry.  Bluntly, it kicks everyone else's butt.  If I were grading, it would be an A+.  Clean, beautiful, personal, friendly, easy navigation, and I could go on.  It more-or-less lets you peer directly into the company - getting to know the people, the products, the direction, and more.  They have a blog site called TheRuckusRoom.net that's equally as good.  The list below isn't meant to insult anyone.  It's meant as constructive feedback, because I really hope every website below could be graded as an A within a year (including our own).

Continue reading...

  • CWNP

Wireless (In)Security: 5 WiFi Client (Mis)Uses

My previous post (WiFi Rogue AP: 5 Ways to “Use” it) talked about the (mis)uses of a Rogue AP. This post looks at the other challenge – security issues with WiFi clients. WiFi clients come from different vendors and are available in several flavors. They are embedded in today’s notebooks which often carry sensitive enterprise and personal data. By their very nature, such clients are highly dynamic. I am sure that network administrators managing even moderate sized enterprises can relate to the following two issues.

Continue reading...

  • CWNP

The Beginning of Knowledge is the Discovery of Something We Do Not Understand

Back when good ‘ole Netstumbler was introduced, WLAN discovery was a novelty.  Good protocol analysis tools were few and far between, and a little bit of information about the frames traversing the air was like informational gold, especially for the occasional hackers.  Nowadays, serious Wi-Fi troubleshooting is done with high performance—and usually high cost—sniffers  with wicked decoders, filters, aggregators, and simulators that make casual WLAN discovery tools like Netstumbler look like an alley cat next to a lion. 

Continue reading...

  • CWNP

Wireless (In)Security: 5 WiFi Client (Mis)Uses

My previous post (WiFi Rogue AP: 5 Ways to “Use” it) talked about the (mis)uses of a Rogue AP. This post looks at the other challenge – security issues with WiFi clients. WiFi clients come from different vendors and are available in several flavors. They are embedded in today’s notebooks which often carry sensitive enterprise and personal data. By their very nature, such clients are highly dynamic. I am sure that network administrators managing even moderate sized enterprises can relate to the following two issues. First, the hassle of maintaining an accurate list of enterprise WiFi clients and second, controlling the WiFi profile of a client (WiFi profile of a client determines its mode of operation, wireless networks it will try to connect to and its security settings). Although controller based wireless LAN (WLAN) infrastructure can mitigate the first issue, it may not be of much help in controlling the WiFi profile of enterprise clients. Hence, every enterprise can potentially have such “mis-configured” WiFi clients. They can be exploited by an attacker in the following 5 ways.

Continue reading...

  • CWNP

WiFi Rogue AP: 5 Ways to Use It

“The notion of a hard, crunchy exterior with a soft, chewy interior [Cheswick, 1990], only provides security if there is no way to get to the interior. Today, that may be unrealistic.”  -- What Firewalls Cannot Do, Firewalls and Internet security

Rogue APs are Access Points (APs) that are deployed in an enterprise network without the consent of the authority owning the network. In certain cases, the intent behind a Rogue AP may be benign – for example, an employee who wants to access the network from his favorite corner of the office. While in other cases, a Rogue AP can be deployed with a malicious intent – say, by an attacker or his accomplice.

Continue reading...

  • CWNP

AirHORN is a Blast!

Upon first inspection, this unassuming little gadget (AirHORN from NutsAboutNets.com) doesn't seem like "all that"...but give it more than 2 minutes, and you'll be hooked.  Forgetting its intended purposes for a second, this gadget is just plain fun to play with.  The first thing I did was to pull out my fancy-smancy AirMagnet Spectrum Analyzer to monitor what AirHORN was doing.  It not only did what it was intended to do, but it also had me laughing out loud at the cool things it does and how useful it can be for a variety of things.  I started a spectral recording in AirMagnet, put AirHORN in Fast Traverse mode, and just sat there laughing at the prospect of sending it to some expert friends who pride themselves on their troubleshooting skills.  With slanted white lines repeating across the swept spectrogram, I can only imagine what BS they'll speculate that this "system" is! :-)

Continue reading...

Page 25 of 36