WAP Attack!
Wireless phones have become so popular that they have largely merged
with personal digital assistant (PDA) devices. Now, a mobile employee has
essentially a mini-computer that can be used to access e-mail, Web pages,
and even information from your corporate database anywhere and at any
time. While this may sound like a good thing for productivity, it leaves gaping
holes in your security for people to take advantage of.
These devices are vulnerable to attacks that break through wireless
transport layer security (WTLS), which is essentially the same as
SSL/TLS in the TCP/IP protocol. WTLS is used to protect the data
transmitted between cellular or wireless devices to the WAP gateway.
There are several types of attacks that occur in the wireless domain.
These include trying to crack specific plaintext data recovery, datagram
truncation, message forgery, and key-search shortcut attacks. These types
of attacks exist because of bad protocol design and poor implementation.
These attacks succeed largely because of people who understand the methods
behind cryptography and how the WTLS protocol works.
195 times read
|
|
|
Did you enjoy this article?
(total 0 votes)
|
Sections
Comments (0 posted)
Syndication
