Buffalo AirStation Pro 802.11n – Business-Class Wireless AP

Buffalo AirStation Pro 802.11n

Two new Buffalo business-class wireless access points are now available locally – Bufallo AirStation Pro 802.11n Gigabit Dual Band PoE Wireless Access Point and AirStation Pro 802.11n Gigabit Concurrent Dual Band PoE Wireless Access Point.

You probably don\’t need these in your house unless you live in a mansion. However, if you own a business you should consider getting a business-class wireless Access Point (simply wireless AP).

I think this is the first time I mentioned AP in my blog so let\’s define what is an AP first.

We are used to having a modem, router and access point rolled into one device that comes with our DSL or cable internet connection so no one cares what an AP or a router is, unless you\’re a geek. Technically speaking a wireless AP will only extend your wireless range so that you can connect to a network and get internet access. By itself, an AP cannot connect to the internet. Router on the other hand is the device responsible to your internet connection and can be configured as an AP or it comes with a wireless AP attached to it so that you can connect wirelessly. An AP cannot function as a router.

\"Buffalo

When you go to malls or big offices and you see boxy devices hanging from the ceiling with antenna, they are most-likely wireless AP.

Going back to Bufallo AirStation Pro, the only real difference between the two Buffalo AirStation Pro 802.11n AP models is that the first one has selectable Dual band support which means you can select either 5 GHz or 2.4 GHz frequencies at 300 MBbps max. The other one has a concurrent dual band technology, or in other terms MIMO, that creates  two separate wireless network on 5 Ghz and 2.4 Ghz frequencies at 300 MBbps max each.

These Buffalo AirStation wireless AP also feature plenum-rated chassis which means you can place these wireless AP inside a plenum (air vents or just about any place up the ceiling where air circulates). That also means they are extra though. They also support Power over Ethernet (PoE) so you can power these devices with Ethernet cables where power  cables can\’t reach.

Buffalo expands wireless offering with new business-class wireless access points

Buffalo Technology, a global leader in the design, development and manufacturing of wired and wireless networking and network and direct attached storage solutions, today announced two new enterprise-class wireless access points, AirStation Pro 802.11n Gigabit Dual Band PoE Wireless Access Point and AirStation Pro 802.11n Gigabit Concurrent Dual Band PoE Wireless Access Point. Designed for professional deployments, these AirStation Pro wireless APs offer robust and secure dual band wireless networks with business-class features and the convenience of Power over Ethernet (PoE).

Buffalo\’s AirStation Pro 802.11n Gigabit Dual Band PoE Wireless Access Point provides high performance 802.11n speeds and coverage, with selectable operation on one of two available bands, 2.4 GHz or 5 GHz. The AirStation Pro 802.11n Gigabit Concurrent Dual Band PoE Wireless Access Point offers simultaneous operation on two concurrent bands for greater networking capacity and flexibility. AirStation Pro wireless APs are designed for deployment in professional settings and offer users a lineup of business-class features:

  • Integrated Power over Ethernet (PoE): 802.11af PoE allows the device to be powered without an AC power source for easy installation and placement, even on high ceilings, drop ceilings, walls and other locations where power may not be available. By using a PoE switch, users can install the AP anywhere they can run an Ethernet cable.
  • Plenum-Rated Chassis: AirStation Pro APs feature plenum-rated chassis and multiple mounting options for greater flexibility in installation locations, enabling users to safely install these units above ceiling tiles.
  • Multi-SSID / VLAN Tagging: Administrators can easily create multiple SSIDs with different security passphrases for easy network segmentation and added security. Network administrators can assign each SSID a VLAN tag to specify what network access that SSID receives.
  • Wireless Distribution System: WDS allows users to easily extend coverage of their wireless network by interconnecting multiple access points. Easily bridge a WLAN spanning multiple buildings or expand coverage in a home to hard to reach locations.
  • Removable Antennas: Easily add high gain antennas for longer range, wireless bridging or backhaul solutions. AirStation Pro APs use industry-standard RP-SMA connectors, compatible with readily available third-party solutions.
  • 802.1X RADIUS Authentication Support: Provides enterprise-grade access restrictions, helping to keep unauthorized users out. By moving authentication to a backend RADIUS server, only specified and authorized wireless devices are permitted to connect to the wireless network.

Buffalo AirStation wireless access points are available through MSI-ECS Phils. Inc.  For availability and pricing, please call 688-3180 or email [email protected]

Read more

Blacksheep: Firesheep Protection

Several days after the controversial Firefox extension Firesheep was released, hacker wannabes can now automate HTTP session hijacking on an unencrypted wireless network. Many people came up with different protections like forced HTTPS and VPN. In addition to these available options, a new Firefox plugin called Blacksheep was released by Zscaler security to countermeasure Firesheep.

\"Firesheep
Blacksheep detects Firesheep by tricking the hacker with a fake cookie. In turn, Blacksheep alerts the user when someone is using Firesheep in the network. It displays the IP address of the hacker and serves as a warning as well. Note that both BlackSheep and Firesheep have the same codebase so you can’t run them simultaneously at the same Firefox session. You can’t play the bad guy and the good guy at the same time. :)

So far, everything about Blacksheep sounds convenient and helpful but as mentioned in PCMag, it is not the best protection against HTTP session hijacking. There are other sidejacking and hijacking tools out there; Blacksheep is specifically tailored for Firesheep so it still leaves you helpless against other unencrypted wireless network exploits.

The best solution is to not use unencrypted wifi at all. If you are stubborn at least use VPN to encrypt the traffic. Consider that you have been warned already. Prevention is always better than cure. Protect yourself.

Read more

Firesheep Makes HTTP Session Hijacking Simple

\"Fire-sheep\"

Who would have thought that a single Firefox extension can get massive attention from security analysts, media and even the public? Firesheep makes anyone uncomfortable using free unencrypted wireless network because Firesheep capture and exploit HTTP session cookies in an unsecure wireless connection. Anyone who installed the extension could easily hack someone else’s Facebook and Twitter account, and possibly every login that relies on cookies.

I was impressed when this extension was released for Firefox. If you are using OSX you don’t even have to download any pre-requisite software. In Windows, you have to install some packet capture software first. After installing the extension, roam around, use any free and unencrypted wifi, and you can hack already. It’s that simple. Anyone could be a hacker these days.

HTTP session hijacking is a serious security flaw. Something that you shouldn\’t ignore. It was discussed in the blog of Firesheep’s developer, Eric Butler:

HTTP Session hijacking, as a vulnerability, is nothing new in the year 2010. It is a security vulnerability that people have been aware of for quite some time, with notable tools and papers existing at least since 2004 on this exact subject. OWASP (The Open Web Application Security Project) categorizes the issues responsible for HTTP Session Hijacking in to one of it’s Top 10 Web Security Risks, “A3: Broken Authentication and Session Management”.

There are several ways to protect yourself from the exploit. The most obvious is you should never use unencrypted wireless access. Use WPA or stronger encryption, if available, in your wireless network. You can also use browser extensions to force secure HTTP or HTTPS on supported websites like HTTPS Everywhere. Other methods involves using SSH (Secure Shell) and VPN. You read how to do it here and here.

The release of Firesheep creates more awareness in the danger of HTTP session hijacking and the peril of using unsecured wireless connection.

So the next time you stop by your favorite coffee shop, I dare you to use the free unsecured wifi. I might be just around the corner stealing your cookies. Nomnomnom.

Credit: image taken from Taltopia.

Read more