
	Home > Ask the Security Experts > Expert Archive: Information Security Threats Questions & Answers > What is WiPhishing?

Ask The Security Expert: Questions & Answers

EMAIL THIS

What is WiPhishing?

EXPERT RESPONSE FROM: Ed Skoudis, past SearchSecurity.com expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 11 October 2006
WiPhishing is something I've heard a lot about lately. Can you please explain this new phishing tactic and detail why WiPhishing should be seen as a threat?

BROWSE BY TAG

NAC and Endpoint Security Management, Client security, Enterprise Network Security, Expert Archive: Information Security Threats, Wireless Network Security: Setup and Tools, Wireless LAN Design and Setup, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Client security
	How to defend against rogue DHCP server malware
	Symantec offers endpoint protection management, monitoring services
	Sophos integrates encryption into endpoint security
	Quiz: Endpoint security on a budget
	How to find sensitive information on the endpoint
	Trend Micro gets more competitive with BigFix deal
	CA steers DLP towards access, identity management
	CA to acquire Orchestria for DLP
	Microsoft to embed data classification, strengthen ties with DLP
	Diverse mobile devices changing security paradigm

Expert Archive: Information Security Threats

The telltale signs of a network attack

Will Google Chrome enhance overall browser security?

Are there antivirus suites that pick up more than just run-of-the-mill viruses?

What tools can a hacker use to crack a laptop password?

Are social networking sites an easy target for malicious hackers?

What are the dangers of cross-site request forgery attacks (CSRF)?

Should social engineering tests be included in penetration testing?

What kind of data is compromised during a Google hack?

Best practices for using restriction policy whitelists

Defining mobile device security concerns

Wireless LAN Design and Setup

A list of wireless network attacks

Wireless Security Lunchtime Learning

An introduction to wireless security

Hunting for rogue wireless devices

A wireless network vulnerability assessment checklist

Risky Business: Understanding WiFi threats

Lesson 1 quiz: Risky business

Wireless Security Lunchtime Learning Entrance Exam

Lesson 1: How to counter wireless threats and vulnerabilities

Study reveals lack of financial wireless computer security

Wireless LAN Design and Setup Research

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

brute force cracking (SearchSecurity.com)

buffer overflow (SearchSecurity.com)

Crash Course: Spyware (SearchSecurity.com)

email spoofing (SearchSecurity.com)

phishing (SearchSecurity.com)

rootkit (SearchMidmarketSecurity.com)

social engineering (SearchSecurity.com)

Wired Equivalent Privacy (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

WiPhishing involves a bad guy configuring a laptop to impersonate a trusted wireless access point. For example, an attacker may set up a machine with an SSID (a wireless LAN name) of "Linksys" or "T-Mobile," in an effort to get users to access the Internet through the attacker's own machine. If someone falls for the trap, the attacker can monitor all clear-text traffic that passes through the attacker's system, possibly including email, Web content and other data.

There are two factors that can make this type of threat worse. First, many wireless client packages are configured to automatically associate with an SSID that they've used in the past, based merely on the name of the access point. Future connections often happen automatically, regardless of the hardware address or any other characteristic. Thus, a user may not know that his or her software has associated with an access point, let alone an impersonated one. Secondly, there are tools that can automate WiPhishing attacks, namely Hotspotter and Karma. These tools respond to any SSID requests that a wireless client detects. They can then pretend to be that access point, offering services like Web, email and file sharing to the victim's machine. This scheme dupes a user into revealing passwords and other sensitive information.

To foil these attacks, I recommend deploying encrypted VPN access for wireless traffic. Also, instruct users to trust wireless if and only if they've made a VPN connection across it; otherwise, attackers can monitor their traffic.

More information:

Learn the best practice for detecting wireless devices.

Build a secure wireless connection.

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business
Targeted Security Channel Tips for Resellers, Integrators and Consultants

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy