May 14, 2004
Students uncover new Wi-Fi vulnerability
Attackers could shut down WLAN with just a handheld device
Recommend ThisStudents at the Queensland University of Technology Information Security Research Centre in Australia have uncovered a flaw in an IEEE 802.11 (Wi-Fi) protocol that allows attackers with a simple Wi-Fi-enabled handheld device to effectively shut down a wireless local area network.
The report, published by AusCERT (Australian Computer Emergency Response Team), a not-for-profit organization based at the university, reports that a DoS attack is made possible by a vulnerability in the MAC (Medium Access Control) function of the IEEE 802.11 protocol.
The report states:
"WLAN devices perform Carrier Sense Multiple Access with Collision Avoidance [CSMA/CA], which minimizes the likelihood of two devices transmitting simultaneously. Fundamental to the functioning of the CSMA/CA is the standards-compliant hardware and performed by a Direct Sequence Spread Spectrum [DSSS] physical layer."
The report says that attackers can exploit the CA (Collision Avoidance) function and cause both access points and client devices within range of the attacker to "defer transmission of data for the duration of the attack."
If an attack occurs, devices act as if the channel is busy, thus putting a halt to any transmission of data over the network.
According the report, the flaw in the CA layer can be exploited by a "semi-skilled" attacker using a simple wireless device.
Frank Hanzlik, managing director for the Wi-Fi Alliance, said the Alliance is aware of this latest attack scenario and is "looking into the claims that there are low-cost hardware [devices] that can do this."
However, Rich Mironov, who calls himself a "reformed engineer" and is a vice president of marketing at AirMagnet, said DoS attacks are sometimes inadvertent.
"At the Javits Center in New York at an Apple show, somebody was wandering the show floor with a broadcasting card in his laptop. Everywhere he went he shut down the network for a couple of hundred feet by crowding out traffic in all directions. His device was randomly running up and down all the channels," Miranov said.
AirMagnet has a tool that can locate the attacker by discovering the MAC address of the attacker's device. The AirMagnet tool clicks louder and louder as it approaches the attacker. It can also identify sixteen different attacks, said Mironov.
The AusCERT report concludes by saying the vulnerability of the CA layer will not be mitigated by emerging MAC layer security enhancements in IEEE 802.11i.
Ephraim Schwartz is an editor at large at InfoWorld. He also writes the Reality Check blog.
White Paper
D2D Virtual Tape Library Replication Primer
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
White Paper
An Alternative to Virtualization for Datacenter Cost Savings
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
White Paper
Why Your Firewall, VPN, and IEEE 802.11i Aren't Enough to Protect Your Network
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
White Paper
Bringing the Edge to the Data Center
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
- How Zscaler Tackles Emerging Web Threats with High Speed, Real-Time Content Inspection in the Cloud | White Paper
- Upgrading to VMware vSphere with vWire | White Paper
- Removing Barriers To Better Server Virtualization Efficiency | White Paper
- Windows Phones and Unified Communications | White Paper
- Lower the Cost and Complexity of a Mobile Workforce through Automation | Webcast
Sign up to receive Networking Resource Alerts
Make IT work as one. Register for Novell BrainShare 2010. Complimentary Energy Efficiency Kit - Cut Energy Costs NowStay informed with custom newsletters from Tech DispenserSee how AT&T can help protect your network. HP ProLiant G6 Servers. Perform like a superstar, Save like an accountant.HP ProLiant G6 Servers. Perform like a superstar, Save like an accountant.Unified Communications: Thoughts, Strategies and Predictions. Join the discussion.Increase UPS efficiency without sacrificing protectionIn less than 45 minutes, Palisade Systems protects your dataA smarter approach to IT is needed. That smarter approach is IBM CloudBurst.
Return on Information: Google Enterprise Search pays you back. Get the facts.Analytics: Use your data to drive insights that enable better decisions.Restrict internet access with GFI WebMonitor™. Now 30% Off! www.gfi.com/web-filterToday’s IT means business. New eBook shows you how to align your IT investments.Limited-time offer: Save up to $100 on Polycom phones. 64-page prescriptive guide to security, compliance, and IT operations.Learn about Foundations of Green IT, from CTO Marty Poniatowski802.11n Drives an Architectural EvolutionSee IBM CloudBurst's self-service user interface in actionVideo: Simplifying the IT environment for better productivity with IBM
