SOURCE: AirTight Networks

July 23, 2007 08:00 ET

AirTight Reveals a New Variant of Evil Twin at DEFCON; Also a Major Demonstration of WEP Cracking Even in Presence of Chaff

MOUNTAIN VIEW, CA--(Marketwire - July 23, 2007) - AirTight Networks, the leading provider of wireless intrusion prevention solutions, will present two important papers and demonstrations at DEFCON 2007 in Las Vegas. The first, "MultiPot: A More Potent Variant of Evil Twin," will reveal the discovery of a more potent variant of Evil Twin (which Airtight has labeled MultiPot) against which the prevalent defenses, in particular deauth based session containment, are totally ineffective. A demonstration of MultiPot threat will be provided at the end of the presentation.

"Hackers are continuing to create new and sophisticated ways to gain access to networks and information," said Pravin Bhagwat, CTO for AirTight. "Wireless is quickly becoming the avenue of choice for these attacks. MultiPot provides a glimpse into complexities of evolving wireless vulnerabilities and their countermeasures."

This variant of Evil Twin, MultiPot, is one of several vulnerabilities recently discovered by AirTight researchers. Some of those have not been disclosed yet since AirTight is in the process of responsible disclosure to the vendor community. AirTight did recently disclose several MadWiFi vulnerabilities discovered by Md Sohail Ahmad, wireless security researcher at AirTight, following strict responsible disclosure procedures. http://madwifi.org/wiki/Releases/0.9.3.1

The second presentation, entitled "The Emperor Has No Cloak," will provide graphic examples of WEP cracking even when chaff packets are inserted into the data stream in the air. AirTight will demonstrate that cloaking merely masks a broken encryption system which can still be easily cracked.

"WEP is fatally broken -- a fact widely acknowledged by security experts," said Deepak Gupta, who leads the architecture group at AirTight. "This presentation will demonstrate that trying to confuse the attacker with chaff is no panacea; it cannot protect WEP from being cracked. We feel this is an important presentation to educate the market and general public that the chaffing technique provides a false sense of security."

Speakers:

K N Gopinath (Gopi) is a senior wireless security researcher and senior engineering manager at AirTight Networks. Gopi has invented several patent-pending wireless intrusion detection and prevention techniques.

Vivek Ramachandran is a member of security research team at AirTight Networks. His current focus is on 802.11 security -- both threats and countermeasures.

Both presentations are scheduled at DEFCON on Saturday, August 4.

Complete information about DEFCON 15 can be found at: https://www.defcon.org

About AirTight Networks

Founded in 2002, AirTight Networks is the leader in wireless intrusion prevention solutions (WIPS). AirTight's award-winning SpectraGuard family of WIPS products and services delivers around-the-clock wireless policy enforcement and automatic intrusion prevention against wireless security threats while monitoring wireless LAN performance to ensure maximum network uptime and capacity. The AirTight SpectraGuard solution family has achieved industry leadership based on patented technology that eliminates false alarms, blocks wireless threats immediately and automatically, and locates wireless devices and events with pinpoint precision. AirTight Networks is a privately held company based in Mountain View, CA. For more information, visit the company's Web site at www.airtightnetworks.net.

AirTight Networks, and the AirTight Networks logo are trademarks; and AirTight and SpectraGuard are registered trademark of AirTight Networks, Inc. All other trademarks are the property of their respective owners.

Contact Information

  • Media Contact:
    Della Lowe
    AirTight Networks
    (650) 934-8191
    Email Contact