Murray Associates Electronic Eavesdropping Detection TSCM Bug Sweep Logo
New York area headquarters
Services available worldwide

Advanced
Eavesdropping
Detection Audits
for Business & Government

• Boardrooms
• Trading floors
• Executive suites
• Conference rooms
• Vehicles and aircraft
• Corporate apartments
• Quarterly Board meetings
• Off-site business meetings
• Executive homes & offices
• Celebrity privacy protection
• WLAN security & compliance

Global
TSCM Program Management

Home   iPhone VersioniPhone version of TSCM eavesdropping detection web site

Services
     • Introduction
     • Qualifications
     • Instrumentation
     • Subcontracting
      • Innovations
     • Staff
 
Information
     • FAQs
     • Contact
     • Downloads
     • Client Reviews
     • Comparison Chart
     • Get an Estimate (Worksheet)
 
Extras
     • Insider Tips
     • Operating Policy
     • Ask your questions
     • 100+ Spybuster Tips
     • The One Minute TSCM Quiz
     • MoviesCartoonsBooks
     • Eavesdropping History
 
Eavesdropping News
     • Kevin's Security Scrapbook
This appears if user doesn't have JavaScript enabled, or doesn't have the required Flash Player version.


Spybusters, LLC dba
Murray Associates
PO Box 668
Oldwick, NJ 08858 (USA)
+1-908-832-7900

Eavesdropping Detection and Counterespionage Consulting enquiries are invited from corporate, government and professional security entities.

TSCM Eavesdropping Detection Services US FlagFor federal procurement purposes, U.S. Government regulations classify Murray Associates as a Small Business, Professional Consulting Firm.

Registered Vendor:
• National Security Agency (NSA ARC)
• DoD - CCR
• Exostar SourcePass
• Jones Lang LaSalle
• ISNetworld
• Ariba


Certified Protection Professional CPP TSCM


Certified Information Security Manager - CISM TSCM


ACFEI - Forensic Science Diplomate TSCM

Certified Fraud Examiner CFE - www.cfenet.com


International Association of Professional Security Consultants - IAPSC TSCM


American Society for Industrial Security ASIS TSCM


ERI - Espionage Research Institute


High Technology Crime Investigation Association HTCIA TSCM


InfraGard TSCM

Use of this site indicates acceptance of Terms of Use, Linking, Site Map and Privacy Statements.

©1996-2010, Spybusters, LLC (100304)



Wireless Local Area Network
Security Audits &
Compliance Reports...



Just one loophole...
Hackers are in.
Data is out.
&
"You are out of compliance."


Murray Associates Independent Wireless LAN (WLAN) Audits inexpensively help guard against eavesdropping, data disasters and government penalties.

• Audits are unobtrusive.
• Audits are inexpensive.
• Audit scheduling is easy.


FREE, NO OBLIGATION
AUDIT ESTIMATE



Privacy Laws and Directives
• Sarbanes-Oxley Act – U.S. Public Companies
• HIPAA – Health Insurance Portability and Accountability Act
• GLBA – Gramm-Leach-Bliley Financial Services Modernization Act
• PCI-DSS – Payment Card Industry Data Security Standard
• FISMA – Federal Information Security Management Act
• DoD 8100.2 – Use of Commercial Wireless Devices, Services,
and Technologies in the Department of Defense Global Information Grid
• ISO 27001 – Information Security Management
Basel II Accord – Banking
• EU - CRD (Cad 3) – EU - Capital Requirements Directive - Banking



"Which WLAN issues are covered?"

Configuration Vulnerabilities
Ad-hoc Station Detected
AP Broadcasting SSID
AP Configuration Changed
AP Operating in Bridged Mode Detected
AP Using Default Configuration
Device Vulnerable to Hotspot Attack Tools
Exposed Wireless Station Detected
LEAP Vulnerability Detected

IDS—Denial of Service Attack
Denial of Service Attack against AP
DoS: Association Flood
DoS: Association Table Overflow
DoS: Authentication Flood
DoS: EAP ID Flood Attack
DoS: EAPOL-Start Attack
DoS: PS Poll Flood Attack
DoS: Unauthenticated Association
Denial of Service Attack against Infrastructure
DoS: CTS Flood
DoS: Queensland University of Technology Exploit
DoS: RF Jamming Attack
DoS: Virtual Carrier Attack
Denial of Service Attack against Station
DoS: Authentication-Failure Attack
DoS: De-Authentication Broadcast
DoS: De-Authentication Flood
DoS: Disassociation Broadcast
DoS: Disassociation Flood
DoS: EAPOL-Logoff Attack
DoS: FATA-Jack Tool Detected
DoS: Premature EAP-Failure Attack
DoS: Premature EAP-Success Attack
IDS—Security Penetration
Airsnarf Attack Detected
Device Probing for APs
Dictionary Attack on EAP Methods
EAP Attack Against 802.1x Authentication
Fake APs Detected
Fake DHCP Server Detected
Hotspotter Tool Detected
Illegal 802.11 Packets Detected
Man-in-the-Middle Attack Detected
NetStumbler Detected
Potential ASLEAP Attack Detected
Potential Honey Pot AP Detected
Publicly Secure Packet Forwarding (PSPF) Violation
Soft AP or Host AP Detected
Spoofed MAC Address Detected
Unauthorized Association Detected
Wellenreiter Detected
Fast WEP Crack (ARP Replay) Detected

Rogue AP and Station Identification
Rogue AP
Rogue AP by Channel
Rogue AP by IEEE ID (OUI
Rogue AP by MAC Address (ACL)
Rogue AP by SSID
Rogue AP by Wireless Media Type
Rogue AP Traced on Enterprise Wired Network
Rogue Station
Rogue Station by Channel
Rogue Station by IEEE ID (OUI)
Rogue Station by MAC Address (ACL)
Rogue Station by SSID
Rogue Station by Wireless Media Type

Authentication and Encryption Issues
Static WEP Encryption issues
AP with Encryption Disabled
Client with Encryption Disabled
Crackable WEP IV Key Used
Device Using Open Authentication
Device Using Shared Key Authentication
WEP IV Key Reused
VPN
Device Unprotected by VPN
WPA and 802.11i issues
802.1x Rekey Timeout Too Long
802.1x Unencrypted Broadcast or Multicast
Device Unprotected by 802.1x
Device Unprotected by EAP-FAST
Device Unprotected by PEAP
Device Unprotected by TKIP
WPA or 802.11i Pre-Shared Key Used
Device Unprotected by IEEE 802.11i/AES
Other Encryption and Authentication Methods
Device Unprotected by Other Encryption
Device Unprotected by Fortress Encryption

Performance Violation Alarms
Channel or Device Overload
AP Association Capacity Full
AP Overloaded by Stations
AP Overloaded by Utilization
Excessive Bandwidth Usage
Excessive Multicast/Broadcast

Deployment and Operation Error
Configuration Errors
Ad-Hoc Node Using AP’s SSID
Conflicting AP Configuration
Higher Speed Not Supported
Missing Performance Options
Simultaneous PCF and DCF Operation
Unassociated Station Detected
Device Down or Malfunctions
AP System or Firmware Reset
AP with Flawed Power-Save Implementation
IEEE 802.11g Issues
802.11g AP Beacons Wrong Protection
802.11g AP with Short Time Slot
802.11g Protection Mechanism Not Implemented
802.11g Protection Mechanism Overhead
Device Thrashing Between 802.11g and 11b
802.11g Device Using Non-Standard Data Rate
802.11g Pre-Standard Device

IEEE 802.11e and VoWLAN Issues
AP Overloaded by Voice Traffic
Channel Overloaded by Voice Traffic
Power-Save DTIM Setting Not Optimized for Voice
VoWLAN Multicast Traffic Detected
Excessive Roaming Detected on Wireless Phones
Voice Quality Degradation by Interfering APs

Problematic Traffic Pattern
Excessive Fragmentation Degrading Performance
Excessive Frame Retries
Excessive Low Speed Transmission
Excessive Missed AP Beacons
Excessive Packet Errors
Excessive Roaming or Re-Associations
High Management Traffic Overhead
Streaming Traffic from Wireless Device

RF Management
Channel with High Noise Level
Channel with Overloaded APs
Hidden Station Detected
Insufficient RF Coverage
Interfering APs Detected
RF Regulatory Rule Violation

Diagnostic Alarms
Mismatched SSID
Wildcard SSID
Mismatched Channel
Mismatched Privacy
Authentication Failure
Re-associartion Failure
Equipment Failure
Mismatched Speed or Network
AP Signal Too Weak
Mismatched WEP Key
Higher Layer Protocol Problem
802.1x Authentication Failure
Unanswered RTS