WiPhishing hack risk warning

• From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
• To: nethappenings@xxxxxxxxxxxxx
• Date: Tue, 26 Apr 2005 10:32:36 -0400

**************************************************************
Welcome to Nethappenings the Internet's 
largest and oldest K12 Education Mailing List 
exploring and using the World Wide Web. 
Founded by Gleason Sackmann and now Moderated by
Karen Ellis of the Educational CyberPlayGround.

NetHappenings Mailing List ©1993
-- Subscribe - Unsubscribe - Set Preferences
http://www.edu-cyberpg.com/Community/NetHappenings.html

Advertise on Nethappenings
http://www.edu-cyberpg.com/Community/Subguidelines.html

Educational CyberPlayGround Community Mailing Lists
http://www.edu-cyberpg.com/Community/
**************************************************************



http://www.theregister.co.uk/2005/04/20/wiphishing/

By John Leyden
20th April 2005

You've heard of war driving and phishing but now there's yet another
reason to wear a tin-foil hat every time you surf the net.
"WiPhishing" (pronounced why phishing) involves covertly setting up a
wireless enabled laptop or access point in order to get
wireless-enabled laptops to associate with it as a prelude to hacking
attacks.

An estimated one in five access points use default SSIDs (such as
linksys). By guessing the name of a network that target machines are
normally configured to connect to a hacker could (at least in theory)
gain access to data on a laptop or introduce malicious code.

The scenario is plausible. But like the 'evil twins' risk of earlier
this year this is probably a well understood risk given a catchy
moniker, backed by an energetic marketing campaign.

Nicholas Miller, chief exec of Cirond Corporation, and the man who
coined the term WiPhishing, was unable to cite incidents of any actual
WiPhishing attacks. Nonetheless he maintained WiPhishing posed a
greater threat then war driving. Instead of hackers with laptops
trying to break into wireless networks with WiPhishing you have
hackers with networks trying to break into wireless networks.

He said that even companies with wired networks were at risk from the
attack if the wireless access functions of corporate laptops happened
to be left on. By hijacking the legitimate connection to a traditional
wired computer network, hackers might be able to exploit the soft
underbelly of corporate networks and launch even more invasive
attacks.

Cirond held a press conference at the wireless LAN event in London
today in order to discuss WiPhishing and discuss its enterprise tools
to control how and when wireless technology is used by employees
(AirSafe Enterprise) and its wireless intrusion detection appliance
(AirPatrol Enterprise).


<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
EDUCATIONAL CYBERPLAYGROUND 
http://www.edu-cyberpg.com

Copyright statements to be included when reproducing
annotations from Nethappenings.

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format.

> From NetHappenings copyright
> Educational CyberPlayGround.
http://www.edu-cyberpg.com/Community/NetHappenings.html

Net Happenings, K12 Newsletters, Network Newsletters
http://www.edu-cyberpg.com/Community/

FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/

HOT LIST REGISTRY OF K12 SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>

Other related posts:

• » WiPhishing hack risk warning

1. Home
2. nethappenings
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---