Just like the wired world, there is really no technical defense against denial-of-service attacks.
We just have to deal with them as they come along, through management and policy. Bao On Fri, May 14, 2004 at 02:27:05PM -0700, Davis Park wrote: > ---------- Forwarded message ---------- > New flaw takes Wi-Fi off the air > By Patrick Gray, Security Focus ([EMAIL PROTECTED]) > Published Thursday 13th May 2004 21:29 GMT > <http://www.theregister.co.uk/2004/05/13/wifi_security_flaw/> > > A newly-discovered vulnerability in the 802.11 wireless standard allows > attackers to jam wireless networks within a radius of one kilometre > using off-the-shelf equipment. > > Affecting various hardware implementations of the IEEE 802.11 wireless > networking standard - including widely used 802.11b devices - the flaw > was found in the collision avoidance routines used to prevent multiple > devices from transmitting at the same moment. > > "When under attack, the device behaves as if the channel is always > busy, preventing the transmission of any data over the wireless > network," a security advisory > > (http://www.auscert.org.au/render.html?it=4091) released by AusCERT reads. > > The weakness allows miscreants to take down networks within five > seconds, according to researchers at Australia's Queensland University > of Technology's Information Security Research Centre (ISRC), which > discovered the vulnerability. > > ISRC's leader of network and systems security research, Associate > Professor Mark Looi, whose PhD students, Christian Wullems, Kevin Tham > and Jason Smith discovered the flaw, said any organization that relies > heavily on wireless infrastructure should take the threat seriously. > > "Anyone who's relying on the availability of a wireless network should > really consider that their wireless network can be knocked offline at > any time," said Looi. "They need to very seriously evaluate that > network and decide if it's possible to move away from wireless > technology." > > While previous denial of service attacks against wireless networks have > required specialised hardware and relied on high-power antennas, the > new attack will make knocking a wireless network off the air an option > for a "semi-skilled" attacker using standard hardware. > > "An attacker using a low-powered, portable device such as an electronic > PDA and a commonly available wireless networking card may cause > significant disruption to all WLAN traffic within range, in a manner > that makes identification... of the attacker difficult," The AusCERT > advisory read. > > Because the flaw is in the 802.11 protocol itself, the vulnerability > cannot be mitigated through the use of software or encryption schemes. > Replacing wireless devices with those not affected by the flaw seems > the only option, said Looi. > > "Mitigation strategies are few and far between," Looi said > "Organisations could deploy wireless networks that don't use this > technology, [but] it will be a very expensive exercise." > > The flaw is only present in devices using a Direct Sequence Spread > Spectrum (DSSS) physical layer, including IEEE 802.11, 802.11b and > 802.11g wireless devices operating at low speed. 802.11a and 802.11g > wireless devices configured to operate at speeds above 20Mbps are not > affected by the glitch, > > AusCERT senior security analyst Jamie Gillespie does not anticipate the > wide exploitation of the vulnerability. > > "For the average corporate user, we're not expecting to see ongoing > denial of service attacks. However, if you have remote equipment that > is only connected through wireless it is possible that the connection > could be disrupted," Gillespie said. "Some critical infrastructure > providers may not deploy wireless... but if any do then they should be > looking at mitigation strategies." > > The lack of a "measurable result" during an attack is likely to render > the average attacker bored, Gillespie added. > > Unlike flaws discovered in the WEP encryption scheme, the > newly-disclosed vulnerability will not allow an attacker to snoop on > network communications. > > The ISRC findings will be presented to the Institute of Electrical and > Electronic Engineers (IEEE) Wireless Telecommunication Symposium in > California on Friday. > -- Best Regards. Bao C. Ha Hacom OpenBrick Distributor USA http://www.hacom.net voice: (714) 530-8817 fax: (714) 530-8818 8D66 6672 7A9B 6879 85CD 42E0 9F6C 7908 ED95 6B38
