Marcia Savage
July 08, 2005

New type of wireless attack surfaces

AirMagnet researchers are tracking a new kind of wireless attack that can flood a company's central authentication server.

AirMagnet, a supplier of Wireless LAN security and management products, has dubbed the new exploit "phlooding," said Rich Mironov, the company's vice president of marketing.

The exploit involves multiple attackers in different locations launching dictionary attacks against the wireless access points of a distributed enterprise by trying a series of usernames and password combinations, he said.

Those requests are sent to a central authentication server, such as an LDAP or RADIUS server, and can flood it with hundreds of incoming login requests per second.

"It potentially could slow down or flood the central authentication server with enough traffic that it keeps other people from getting into the applications they need," Mironov said.

While phlooding is not a critical threat, it does indicate that "there is continuing innnovation on the dark side," he said.

www.airmagnet.com

Similar Articles
close

Next Article in News

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.