AusCERT, Australia's national computer emergency response team, released an advisory today identifying a vulnerability in the 802.11 wireless specification that could open wireless networks to denial-of-service attacks.
The advisory targets a new cause for concern among wireless network administrators. Until now, concerns about Wi-Fi security have focused on weak encryption and lack of authentication in WEP (Wired Equivalent Privacy), the native security mechanism in the IEEE 802.11 standard that defines wireless networking.
The attack that AusCERT describes is, at bottom, a flaw in the 802.11 protocols. One of the 802.11 physical layers uses DSSS (direct sequence spread spectrum) technology. The DSSS layer performs the CCA (clear channel assessment) procedure, which is an essential part of CSMA/CA, a collision-avoidance scheme that is fundamental to most networking technology, including conventional wired Ethernet.
The attack involves using the CCA layer in a legal but abusive way to instruct other devices in the operating range to defer transmission of data. The other devices will continue to defer for the duration of the attack. If the attack were to end, the network should recover very quickly.
View: The full story
News source: eWeek
The advisory targets a new cause for concern among wireless network administrators. Until now, concerns about Wi-Fi security have focused on weak encryption and lack of authentication in WEP (Wired Equivalent Privacy), the native security mechanism in the IEEE 802.11 standard that defines wireless networking.
The attack that AusCERT describes is, at bottom, a flaw in the 802.11 protocols. One of the 802.11 physical layers uses DSSS (direct sequence spread spectrum) technology. The DSSS layer performs the CCA (clear channel assessment) procedure, which is an essential part of CSMA/CA, a collision-avoidance scheme that is fundamental to most networking technology, including conventional wired Ethernet.
The attack involves using the CCA layer in a legal but abusive way to instruct other devices in the operating range to defer transmission of data. The other devices will continue to defer for the duration of the attack. If the attack were to end, the network should recover very quickly.
View: The full story News source: eWeek
What's New
- Added "Recommended Settings" button and removed Select All and Unselect All buttons.
- Made minor cosmetic changes.
- Some minor bugs fixed.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.