Network Chemistry Protects Enterprise Laptops From Attacks Exploiting Widely Used Intel and Macbook Wireless Cards

Market Wire, August, 2006

Network Chemistry, the wireless security experts, announced today that its Rfprotect™ family of wireless threat protection solutions can be used to protect companies and government organizations against the increasing threats posed by vulnerable wireless cards used in employee laptops. Examples of these vulnerabilities were displayed at the recently completed DEFCON security conference and have been recently disclosed by Intel. DEFCON is recognized as the world's biggest hacker convention and is held annually in Las Vegas, NV.

The presentations by security experts at DEFCON demonstrated how hackers can use malformed frames or packets to exploit vulnerabilities in wireless drivers, remotely executing malicious code of their choice on target machines and devices. More importantly, this puts corporate assets directly at risk as attackers can then obtain access to critical network information and confidential data. These vulnerabilities are caused by poor coding and or testing in the wireless drivers of standard wireless cards including those from Intel and Apple. To put the risk into perspective, at DEFCON, over 60 percent of the security professionals in attendance were using wireless cards from these two vendors.

In the case of the attacks using malformed frames, the packets hit at the lowest level in the stack, thereby avoiding most detection capabilities. Firewalls and antivirus solutions will not defend against these attacks. This lack of protection reinforces the need for a wireless threat protection overlay solution that can monitor traffic in the airwaves looking for such attacks. By using Network Chemistry's industry-leading RFprotect platform, organizations can detect malformed packet attacks against wireless drivers and prevent them through sophisticated identification and tracking of authorized clients showing all vulnerable laptops.

These latest examples of vulnerabilities in wireless cards reflect a growing trend of lower level types of attacks. The attacks and general trend have been recognized and documented by the Wireless Vulnerabilities and Exploits site ( www.wirelessve.org ), the industry's only public database to aggregate and communicate wireless vulnerabilities and exploits. Other similar types of low-level attacks have been recently documented. Earlier this year an integer overflow was discovered in FreeBSD's 802.11stack [WVE-2006-0004]. In addition, both Linux and Windows have driver and other low-level disclosure vulnerabilities that can reveal the contents of a system's memory to remote attackers. Attacks of this nature are becoming more prevalent as hackers add more weapons to their arsenal by leveraging toolkits that make it easier to build and release new attacks.

"The risk of these wireless attacks is real and extensive given that larger companies and government organizations often have thousands of laptops using these wireless cards," said Dr. Chris Waters, CTO at Network Chemistry. "Mitigating the threat of attacks that exploit wireless cards is just one of many ways that organizations can use the RFprotect platform to ensure the protection of their wireless networks, data and corporate assets in the most secure, easy-to-use and cost-effective manner available."

Network Chemistry's patent-pending technology and RFprotect family of products provide a complete solution that seamlessly integrates with enterprise network, WLAN, and security systems. RFprotect Distributed is a 24/7 wireless monitoring and intrusion prevention system for protecting against wireless threats in and around enterprise facilities. RFprotect Scanner is a network-based vulnerability management solution focused on rogue wireless device detection and automated remediation and is the ideal solution for organizations that need to cost effectively enforce "no wireless" policies. RFprotect Mobile is a portable laptop-based analyzer for automating site surveys, security assessments, and incident response. Finally, RFprotect Endpoint protects mobile devices on the road by actively enforcing policy to thwart threats and prohibit risky wireless configurations.

About Network Chemistry

Network Chemistry is the industry standard for securing the mobile enterprise. The world's most successful enterprises and demanding government agencies trust Network Chemistry's wireless security solutions to prevent attacks, detect vulnerabilities, intrusions and policy violations, accelerate incident response, and conduct surveys for wireless LAN deployment planning. Network Chemistry has received numerous accolades, including being recognized as a Red Herring 100 company, receiving the top score in SC Magazine's "Wireless Security Group Test," as well as its "Global Award," and "5 Star Winner" honors; Network Computing's "Editor's Choice" and "Best Value"; and 802.11 Planet's "Best of Show." The company is headquartered in Redwood City, California. For more information, visit www.networkchemistry.com or call 1-888-952-6477.

All product and company names herein are trademarks of their respective owners.