-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As far as wireless security threats go, I'm concerned about attacks against wireless drivers. Tools such as Metasploit 3.0 make it simple to exploit vulnerable wireless drivers, a system compromise nets the attacker full host access since drivers run in ring0 of Intel processors, and there are few tools to help organizations assess this threat.
I've written a free tool for Windows administrators to assess wireless driver vulnerabilities called wifidenum. There is no sales or marketing business associated with this tool; it's my attempt to bring back the "good-old-days" when companies like eEye and FoundStone used to release simple, useful tools to help people deal with security threats, for free. Wifidenum scans Windows hosts over the Windows WMI interface to enumerate the drivers that are installed on hosts. Using a local MS Access database, wifidenum determines if any drivers are vulnerable, and generates a vulnerability assessment report in XML or HTML format. You can see a sample report and screenshot at: http://labs.arubanetworks.com/releases/wifidenum/sample-report.html http://labs.arubanetworks.com/releases/wifidenum/screenshot.png Since wifidenum uses a MS Access database, you are free to change the entries in the database to anything you like. One of the schools that helped me beta test this tool created their own database on driver versions that "just work", giving them a way to assess systems that have older drivers that require updates. Using the XML output, you could even integrate it with your ticketing system to open support requests to upgrade drivers as needed. Wifidenum is available at http://labs.arubanetworks.com/wifidenum (no "registration" required!). Comments, questions or bug reports are most welcome. Thank you! - -Josh - -- Joshua Wright [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iQIVAwUBRoPW7DWX3FIa1TkuAQIwYw/+JVIuL4QAyXwhNxplxWUiJgziBPGbbO6Q FXmDIFNQlnA4olKxGXnXgpp3BRqwcLNSHOPMZp1sPApiEzyrRkioCpYwSQa46sBD WJRWn/MfEm9q66QdMYoWI5MGOuirvVuneLmNVBVta7WjWQt1TKwjcsqTY1D3aNNl MHyT1/H/9I5JN80yrtkhpm4A5K39c3fAn3Rfu2ojTiqaRi4kJqAtEW06mWFdzhBK WU9dI8ZbR56Al/BWDNeqrL6kqHf9f53dfvxRzqfE1QPL0IkEpzSNjBpMKZDxv1yC ncYYLhrZwpAVFEusbtvkXAQsrKrd1XBIbWK/5CtQrFnq3v5mg4N7vnKO1e6qiYPm TgWPRxTK+X7Y50hSyYZmbmGWKNL5R7NWd6tpKc/o90qEQkKDDhhg3jLOFaNb2jm6 sJb4YYjuoghLACNmPTefpiLrKKdsjGGf8e8OWUSl3oJw7+QbNf90Ki9IHmlsy/9A Q0J9wOod2DWq2tbre4wurrDDx2zlDlZoN0aQRZI9Za+Z1trvsiG7SfEwikwfkcbz uneBMh2DwJgG3zNcfMKt0zBKxroLZa6wPmHpqwUAIht1aRC3gFuQhmJgaqKBqgA0 q2ABl1//EJ3oYPX5YarxYnOL4KC2lk/p49CU772hb5R5DNZoSYoFhuLmYdcEklbz yQwCCynMS1Q= =AXc8 -----END PGP SIGNATURE----- ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
