Researchers unveil vulnerabilities in Cisco's WiFi gear

If you're a business that's deployed Cisco's wireless LAN gear, be aware that your private data could be at risk. Last week, two researchers at German testing lab ERNW illustrated how easy it is to attack a Cisco WiFi wireless LAN device.

During a presentation called "Hacking Cisco Enterprise WLANs," the researchers showed how a hacker could compromise two generations of Cisco's WiFi equipment: Structured Wireless Aware Network (SWAN) and Cisco Unified Wireless Network (CUWN).

By exploiting weakness in Cisco's Wireless LAN Context Control Protocol (WLCCP), which enables data to be sent between access points, a hacker could launch a denial of service attack and look into encrypted traffic on the SWAN gear. While CUWN's use of cryptography offered a higher level of security over SWAN, the use of SNMP (simple network management protocol) in its web management interfaces made the devices vulnerable to security attacks

Although the session focused on Cisco, ERNW researcher Enno Rey pointed out that many vendors' WiFi equipment have security issues. "All of these [vendors'] solutions have skeletons in the closet," he said. "This is not so much about Cisco bashing."

For more:
- ZDNet UK has this article

Suggested Articles

Like most telcos, there are challenges ahead for CenturyLink, but one area it can bank on is its fiber network both here and abroad.

With the surge of data-hungry gamers battling for the best experience, how will your network rise to the challenge?

Listen now.

It's going to be fun watching the epic battle unfolding between hedge fund giant Elliott Management and massive conglomerate AT&T.