-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lee H Badman wrote: > I do know that it is standard (but concerning) practice to take the MIC > timer from 60 seconds down to zero to overcome clients that trigger the > countermeasure and thus cause what amounts to a DDOS- is sort of a > damned if you do, damned if you don't situation.
What isn't clear to me with this recommendation is this: if you reduce the MIC timer to 0, does that stop the AP from triggering countermeasures altogether (client stays connected regardless of multiple failures) or does the AP deauth the client without forcing them to wait any time before reconnecting? It seem ambiguous to me. If it's the former, then it's very dangerous in terms of attacking TKIP. If it's the latter, then, honestly, I don't have an issue with it. I think we're much too aggressive about TKIP MIC countermeasures anyway. - -Josh -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iEYEARECAAYFAkk4FLUACgkQapC4Te3oxYxnRgCfdbirowSezMAHJ3AbvOvUSPbH fwoAn0p2SPKVKWULdCXtokUoY4Ng8SmP =ZZPL -----END PGP SIGNATURE----- ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
