From the Security Experts

November 10, 2011

Fluke Networks Announces New Signature Updates for Wireless Intrusion Detection and Prevention System

By SIP Trunking Report Contributor

Fluke Networks, a provider of network test and monitoring solutions to speed the deployment and improve the performance of networks and applications, announced the release of new threat signature updates for its AirMagnet Enterprise 9.0 wireless intrusion detection and prevention system (WIDS/WIPS).

AirMagnet Enterprise, the company claims, is the only solution that offers wireless LAN (WLAN) security system on the market today that can quickly generate signature updates for immediate protection and automatically push them to customers without requiring scheduled downtime or additional IT resources.

The new AirMagnet Enterprise 9.0 uses proprietary Dynamic Threat Update (DTU) technology to offer protection against wireless threats and vulnerabilities, including Karmetasploit and Apple's new AirDrop feature.

“Our ability to immediately update against emerging threats is increasingly critical to both our enterprise and government customers given the growth in Wi-Fi networks and cybercrime,” said Jesse Frankel, product marketing manager at Fluke Networks and leader of the AirMagnet Intrusion Research Team, in a statement.

“In the last few months alone, the National Institute of Standards and Technology released updated security guidelines recommending that Federal agencies implement continuous monitoring in support of WLAN security - which they are now viewing as even more important than security monitoring for other types of systems,” Frankel added.

To help protect AirMagnet Enterprise customers against the changing WLAN vulnerabilities and threats, the company announced new signature updates including AirDrop, Karmetasploit and DHCP Starvation Attack.

 The new AirDrop feature in Apple's Mac OS X Lion allows multiple users to share files wirelessly - which can be a violation of company security policies as it creates security risks.

Karmetasploit is an aggressive man in the middle (MitM) style attack that tricks a client into associating with a device masquerading as an access point running KARMA, leading to gaining access to the client machine, capturing passwords and harvesting data and conducting a wide variety of application exploits.

A DHCP Starvation Attack run from a wireless client can cause other clients to connect to a malicious          network. Wireless guest networks and unencrypted commercial hotspots are especially vulnerable to this attack.

Some of the other signature updates already released by Fluke Networks include AirPWN, Device Broadcasting XSS SSID and Ad-hoc Station Broadcasting Free Public Wi-Fi SSID.

Earlier in June, Fluke Networks announced the launch of OptiView XG, the first tablet for network analysis that provides the fastest solutions for network and application problems for both wireless and wired access - anywhere in the network.

Rajani Baburajan is a contributing editor for TMCnet. To read more of Rajani's articles, please visit her columnist page.

Edited by Jennifer Russell