Windows Wireless Networking Flaw Identified
An anonymous reader writes "Washingtonpost.com is reporting from the 2nd annual Shmoocon hacker conference about the release of a previously undocumented vulnerability in Windows. The flaw takes advantage of a feature on Windows laptops that have wireless cards built-in. Security researcher Mark Loveless found that Windows laptops which cannot find a wireless connection are configured to broadcast the name of the last SSID they associated with. They assign themselves an ad-hoc 'link local' (think 169.254.x.x) address, and an attacker can configure his machine to broadcast an SSID of the same name. Thus, the attacker associates with that 'network' and communicates directly with the victim's machine. The funny part from the Post blog entry is that Microsoft helped author the RFC for link local."
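From the monitoring side, the behavior in the summary above can be watched for as an ad-hoc (IBSS) beacon that carries the name of a known infrastructure network. The following is an added example, not part of the original story or comments: it assumes the advertisement appears as an IBSS beacon, that the input is the 802.11 frame body (the bytes after the 24-byte MAC header), and the SSIDs and sample frames are constructed.

```python
import struct

ESS, IBSS = 0x0001, 0x0002  # 802.11 capability bits: infrastructure / ad-hoc

def parse_beacon_body(body: bytes):
    """Return (ssid, is_adhoc) from a beacon or probe-response frame body."""
    if len(body) < 12:
        raise ValueError("truncated fixed parameters")
    # Fixed parameters: 8-byte timestamp, 2-byte interval, 2-byte capabilities.
    _ts, _interval, caps = struct.unpack_from("<QHH", body, 0)
    ssid, off = None, 12
    while off + 2 <= len(body):            # walk the tagged parameters
        tag, length = body[off], body[off + 1]
        value = body[off + 2: off + 2 + length]
        if len(value) < length:
            raise ValueError("truncated tagged parameter")
        if tag == 0:                       # tag 0 is the SSID element
            ssid = value.decode("utf-8", errors="replace")
            break
        off += 2 + length
    return ssid, bool(caps & IBSS) and not (caps & ESS)

def flag_adhoc_lookalikes(bodies, infrastructure_ssids):
    """List SSIDs seen in ad-hoc mode that are known as infrastructure names."""
    hits = []
    for body in bodies:
        try:
            ssid, adhoc = parse_beacon_body(body)
        except ValueError:
            continue                       # skip malformed captures
        if adhoc and ssid in infrastructure_ssids:
            hits.append(ssid)
    return hits

def _beacon(ssid: str, caps: int) -> bytes:
    """Build a constructed frame body for the sample data below."""
    raw = ssid.encode()
    return (struct.pack("<QHH", 0, 100, caps)
            + bytes([0, len(raw)]) + raw + bytes([1, 1, 0x82]))

# Constructed sample capture and a hypothetical list of real AP names.
SAMPLE = [
    _beacon("CorpWLAN", ESS),         # the legitimate access point
    _beacon("CorpWLAN", IBSS),        # same name advertised as ad-hoc: flag
    _beacon("printer-direct", IBSS),  # ad-hoc, but not an infrastructure name
    b"\x00\x01",                      # truncated frame, ignored
]
KNOWN = {"CorpWLAN"}

if __name__ == "__main__":
    print(flag_adhoc_lookalikes(SAMPLE, KNOWN))
```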
This is very interesting. I had feared a situation like this for a long time and have always regarded the "Centrino" laptops as a problem for corporate security. But, to be fair, I have not seen this behavior as yet. Having managed dozens of laptops, I have yet to see one assign a link local address. They always pop up and ask if you want to connect to a detected Access Point (AP), but telling them NO ends it there.
Have I been blind or is there a bit more involved in this attack?