Slashdot Mirror

← Back to Stories (view on slashdot.org)

802.11 WiFi Denial of Service Exploit Discovered

Posted by simoniker on from the block-block-kick dept.

CRC'99 writes "The Queensland University of Technology has today announced yet another flaw in 802.11 products. AusCERT has the official statement, noting: 'An attacker using a low-powered, portable device such as an electronic PDA and a commonly available wireless networking card may cause significant disruption to all WLAN traffic within range, in a manner that makes identification and localisation of the attacker difficult.' Nice to know that a simple PDA could bring a WiFi network to its knees."

9 of 251 comments (clear)

  1. All your base station are belong to us by Gabrill · · Score: 4, Insightful

    Seams like the single most energetic use of all our new technology is figuring out new ways to break it.

    --
    Always going forward, 'cause we can't find reverse.
    1. Re:All your base station are belong to us by Diabolical · · Score: 4, Insightful

      Best way to ensure that these technologies are safe enough for their purpose.

      The alternative would be widespread adoption without any real security and a few nutcases having the possibility to break _and_ abuse the tech without anyone having the slightest idea of its insecurity.

  2. Re:how come... by isorox · · Score: 5, Insightful

    Same reason you get someone else to proofread your CV. A fresh pair of eyes will pick out the problems.

  3. Easy... by compacflt · · Score: 5, Insightful

    In case of a chain:

    It's easier to find a weak link in a chain, than it is to make all perfectly strong links.

    In case of a 'system':
    It's easier to find a single flaw than it is to build all parts well. (not to mention that all parts must also interact well, and do the job.)

  4. Re:how come... by Segway+Ninja · · Score: 5, Insightful

    Because the creators think one way, and the the "other people" think in totally another. Something the creators never thought possible could happen, simply because someone else sees the system on a different angle.

  5. Exactly how is this surprising? by Anonymous Coward · · Score: 5, Insightful

    A microwave oven can bring down a WiFi network. You could plug a 110 volt line into an Ethernet jack if you felt like it. All shared media networks require cooperation in order to run correctly.

    1. Re:Exactly how is this surprising? by jruschme · · Score: 3, Insightful

      Except that the 802.11b vendors seem to have some hardening against microwave ovens built into the drivers and firmware.

      I think the scary part of this is supposed to be the fact that one can bring down the network using nothing more than off-the-shelf hardware and a little custom software. Worse, it's hardware that is indistinguishable from what a legitimate user might have.

      Let's say, for instance, that I want to bring down the hotspot at my local Starbucks. It would probably be suspicious (or at least funny looking) if I whipped out a modified AP or some kind of UHF transmitter. OTOH, nobody would even notice if I pulled out an iPaq, tapped a couple of times on the screen, and *poof* the network halted.

      Now scale up a bit and say I connect to a decent antenna, sit out in the parking lot, and point this at your office... or your hospital...

  6. Re:how come... by zopu · · Score: 3, Insightful
    The simple answer is that there are far more users than there were testers. When more people look at a system, it's increasingly likely that someone will 'stumble' onto a bug.

    Also, it's easier to find an exploit in an established system. Now we have lots of hardware and available WLAN access points to play about with. It's quite difficult to 'hack' a specification...

  7. Just like a cell phone... by chrisbw · · Score: 3, Insightful

    This really isn't anything revolutionary. You can take down cell phones in the area that a handheld jammer can transmit. I don't think anyone has ever asserted that low-power wireless transmissions can't be DOS'ed by other low-power wireless transmissions.

    --
    Chris -- http://www.bitter.net/