************************************************************** Welcome to Nethappenings the Internet's largest and oldest K12 Education Mailing List exploring and using the World Wide Web. Founded by Gleason Sackmann and now Moderated by Karen Ellis of the Educational CyberPlayGround. NetHappenings Mailing List ©1993 -- Subscribe - Unsubscribe - Set Preferences http://www.edu-cyberpg.com/Community/NetHappenings.html Advertise on Nethappenings http://www.edu-cyberpg.com/Community/Subguidelines.html Educational CyberPlayGround Community Mailing Lists http://www.edu-cyberpg.com/Community/ ************************************************************** http://www.theregister.co.uk/2005/04/20/wiphishing/ By John Leyden 20th April 2005 You've heard of war driving and phishing but now there's yet another reason to wear a tin-foil hat every time you surf the net. "WiPhishing" (pronounced why phishing) involves covertly setting up a wireless enabled laptop or access point in order to get wireless-enabled laptops to associate with it as a prelude to hacking attacks. An estimated one in five access points use default SSIDs (such as linksys). By guessing the name of a network that target machines are normally configured to connect to a hacker could (at least in theory) gain access to data on a laptop or introduce malicious code. The scenario is plausible. But like the 'evil twins' risk of earlier this year this is probably a well understood risk given a catchy moniker, backed by an energetic marketing campaign. Nicholas Miller, chief exec of Cirond Corporation, and the man who coined the term WiPhishing, was unable to cite incidents of any actual WiPhishing attacks. Nonetheless he maintained WiPhishing posed a greater threat then war driving. Instead of hackers with laptops trying to break into wireless networks with WiPhishing you have hackers with networks trying to break into wireless networks. He said that even companies with wired networks were at risk from the attack if the wireless access functions of corporate laptops happened to be left on. By hijacking the legitimate connection to a traditional wired computer network, hackers might be able to exploit the soft underbelly of corporate networks and launch even more invasive attacks. Cirond held a press conference at the wireless LAN event in London today in order to discuss WiPhishing and discuss its enterprise tools to control how and when wireless technology is used by employees (AirSafe Enterprise) and its wireless intrusion detection appliance (AirPatrol Enterprise). <>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<> EDUCATIONAL CYBERPLAYGROUND http://www.edu-cyberpg.com Copyright statements to be included when reproducing annotations from Nethappenings. The single phrase below is the copyright notice to be used when reproducing any portion of this report, in any format. > From NetHappenings copyright > Educational CyberPlayGround. http://www.edu-cyberpg.com/Community/NetHappenings.html Net Happenings, K12 Newsletters, Network Newsletters http://www.edu-cyberpg.com/Community/ FREE EDUCATION VENDOR DIRECTORY LISTING http://www.edu-cyberpg.com/Directory/ HOT LIST REGISTRY OF K12 SCHOOLS ONLINE http://www.edu-cyberpg.com/Schools/ <>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>