Archive for the ‘Uncategorized’ Category
I ran across a nice Techworld article that talks about the need for wireless to be as fast, reliable,and scalable as wired Ethernet. Namely, because of the number of new wireless devices on the network that don’t *have* Ethernet ports. However, this article goes beyond BYOD and talks about management and policy for a single Unified Access layer (Wired, Wireless, and VPN), which I believe is a growing trend.
You can read the story here:
I know that everyone is awaiting the results of my latest contest, where I am giving away a FREE Copy of the Certified Wireless Technology Specialist (CWTS) Study Guide. I promise that I will comb through the entries in the next couple of days and post the results.
In the meantime, I did want to publish some time sensitive material. I will be speaking this Wednesday (#WirelessWednesday) at the Sonoran Desert Security Users Group meeting in Phoenix, Arizona. I will be presenting on “High Density Wi-Fi – Lessons Learned From Apple’s iPhone Demo”.
The meeting details are below (my presentation is from approximately(9:15 – 10:30 AM). Feel free to reach out directly if you need additional information. If you are in the Phoenix area, I hope to see you on Wednesday!
What makes up a wireless LAN (WLAN)? Is it just the Access Point(s) and any associated WLAN controller(s)? Does it include anything else? Personally, I think of wireless LANs as a system. In my mind, there are three main parts to this system:
- The infrastructure
- The clients
- The environment
This includes not only the access point(s) and the WLAN controller(s), but any of the routing & switching gear used for uplinks. Also included in the infrastructure would be any of the network infrastructure / services leveraged by the wireless LAN (examples include RADIUS, Network Time Protocol, Syslog, etc.)
The IEEE 802.11 specification refers to these as “stations”. Clients/stations could be computers such as laptops or tablet PCs. Other examples of wireless stations include dual-mode phones, handheld scanners, etc. When thinking about the clients, realize this includes not only the hardware, but the software (such as a client driver or management supplicant).
This most commonly refers to the Radio Frequency environment. The RF environment can be evaluated with a spectrum analyzer, which can show you the signal level of your APs, the noise floor, and any interference in the area. Interference can come from other Wi-Fi devices, or non Wi-Fi devices (such as microwave ovens, cordless phones, and Bluetooth). I also think of the Physical environment, which is the type of construction materials used, the amount of vegitation in the area, the terrain/line-of-sight, etc.
I often get called out in troubleshooting situations. In many of these cases, the infrastructure has been evaluated as a potential source for issues (for example, are the authentication/encryption settings correct), but the clients and the environment have been neglected.
In these troubleshooting scenarios, it is imperative to take a thorough look at all three components. Not only should you take a look at the configuration file of the infrastructure, but ensure that wireless clients have the most up-to-date drivers. Look to see that clients power-save and roaming agressiveness settings are appropriate for the application. Double-check to see there is no interference from Wi-Fi or non Wi-Fi sources, etc. In short, evaluate your WLAN as a system.
This was the last day for the Management 512 “Security Leadership Essentials for Manager’s” course. Day 5 was a Management Practicum.
The Day 5 material was the most focused on pure management with less attention on technical information. The topics included understanding legal liability and managing technical employees.
As a management “practicum”, I was hoping for more scenarios, role-play, or exercises. That being said, the class did have an outstanding discussion on the topics at hand.
MGMT 512 uses a trademarked feature called “Knowledge Compression”. Most of the full length courses are 6 days. There are also a handful of one day courses that are being offered, so the conference runs throughout this weekend.
I had a GREAT time participating in the SANS work-study program. One of the most memorable moments was when the hotel staff asked if we wanted to jump in a bounce house they set up. Apparently they had it set up to model to a different group and thought someone should get some use out of it before they deflated it.
We collectively thought it would be a good idea to get a picture of us all jumping around with and post it on the website with a caption of “Volunteering at SANS is fun!”. Well, the bounce house had a “structural failure”. To make a long story short, I ended up folded like a taco in a corner of the bounce house with everything collapsing around me. Needless to say, we were all laughing pretty hard. Hopefully, I can get a copy of one of the pictures taken. Check out the SANS website if you are interested in their work-study program – I highly recommend it!
I’ll cut to the chase and give you the bottom line up front…
My favorite part of today’s conference were the SANS @night presentations. These are optional (and free) presentations that the SANS Institute supports on selected evenings of their conferences. One of today’s @night talks covered Web App Security and the other covered Man-in-the-Middle Attacks.
Web App security was given by Rich Mogull (@rmogull) and the MitM Attack talk was given by Bryce Galbraith. Saying that they were *PACKED* with information is an understatement. There are many intangible benefits of attending a SANS conference, and the @night presentations definitely top that list!
I also enjoyed my “normal” course, “Security Leadership Essentials for Managers”. I particularly enjoyed the conversation around malware and endpoint security. My take-away is that white listing is the future in this area. I Tweeted about this realization on my Twitter timeline (@wifijedib).
There were also a few logistical challenges today – the first was that one of the instructors came down with bronchitis and lost his voice. The SANS conference staff were able to schedule temporary work-around and work in a backup instructor in an incredibly short amount of time. Also, there was an internet outage at the conference hotel. Again, the conference staff worked tirelessly to resolve and developed an immediate work around. I was impressed with their ability to handle these situations – how strong are your business continuity processes?