
[Karlnet] QUT researchers find WiFi flaw

To: <karlnet@WISPNotes.com>
Subject: [Karlnet] QUT researchers find WiFi flaw
From: "Robert Farrar" <robert@secnet.net.au>
Reply-to: Robert Farrar <robert@secnet.net.au>,Karlnet Mailing List <karlnet@WISPNotes.com>
Date: Sat, 15 May 2004 09:31:53 +0930
List-post: <mailto:karlnet@WISPNotes.com>

Hello List,

I am just wondering if any of you on the list are aware of the following
flaw with 802.11 networks and how it will affect, if at all, a Turbocell
wireless network:

QUT researchers find WiFi flaw
Kate Mackenzie
MAY 13, 2004

RESEARCHERS at the Queensland University of Technology have discovered an
easily-exploited vulnerability which can be used to take down most 802.11
wireless networks.

The flaw operates at lower network layers than most previously-discovered
security flaws in 802.11 networking, and affects any network operating at the
2.4GHz frequency - which is the sole frequency used by the most popular
wireless protocol, 802.11b.

Associate Professor Mark Looi's PhD students Christian Wullems, Kevin Tham
and Jason Smith discovered the flaw while investigating wireless security
mechanisms.

Mr Wullems will present at an Institute of Electrical and Electronic
Engineers (IEEE) Wireless Telecommunication Symposium in the US tomorrow and
AusCERT has issued an advisory today.

The researchers said the vulnerability was "trivial" - or easy - to exploit.
Testing was carried out in the small hours to avoid accidentally taking down
other networks, and the researchers used a laptop running Linux Fedora Core
1 and a Compaq Ipaq running Familiar Linux.

The attack works by sending signals used at the physical and MAC address
layers which are used to warn that devices are busy. As it applies to the
2.4GHz frequency, 802.11b is most vulnerable. The 802.11g standard also uses
the 2.4GHz spectrum but depending on configuration, some 802.11g networks
would be able to ignore such an attack.

"I don't think it's necessarily going to cause widescale panic," Professor
Looi said of the discovery. "The hopeful effect will be it's going to cause
a lot of organisations to evaluate carefully what they use wireless networks
for, and put in place necessary actions to prevent problems."

Several well-publicised security vulnerabilities have been discovered in
802.11b concerning wireless encryption protocol or WEP, which can be
relatively easily penetrated.

However unlike the WEP problems, the flaws discovered by the QUT researchers
cannot be addressed using encryption and will not be addressed by the
emerging 802.11i standard.

Professor Looi said despite the WEP flaws, many organisations were not
cautious enough about their wireless networks. He recommended any
organisation running an 802.11b or 802.11g network to carry out a radio
survey to determine how far away their network can be accessed.

"If they discover they can be attacked from out on the street or the
carpark, for example, they need to think seriously about re-planning their
network," he said.

AusCERT senior security analyst James Gillespie said proprietary solutions
would also be useless against the attack.

"If it's in 2.4GHz and using DSSS (direct sequence spread spectrum) in the
physical layer, it doesn't matter if you're using encryption or any of the
new Cisco LEAP protocols or anything like that... it's at the lowest level,"
Mr Gillespie said.

However he pointed out that the vulnerability could not be used to intercept
data.

Despite the ease with which the vulnerability could be exploited, he said
AusCERT did not expect to see widespread network attacks using the
newly-discovered method.

"It doesn't have rewards for most people - there are of course instances
where a targeted DOS would serve the purpose of the attacker, however most
attackers have been interested in taking down entire networks, not just a
wireless network," he said.

Mr Gillespie said relevant vendors had been informed about the vulnerability
under embargo to determine the effectiveness of the attack, mitigating
factors and whether software or hardware upgrades would be required.

The discovery will lend some prestige to local research.

"Absolutely - any vulnerabilities that are discovered lend a certain amount
of prestige to the organisation being the first to discover it, fully
document it and present it," Mr Gillespie said.

"It also shows that Australian IT research and development is up there with
the rest of the world, and we're not just a bunch of surfers in Brisbane."

From what I can gather it was first found in November last year?

Robert Farrar
Network Operations Manager
South East Communication Network
http://www.secnet.com.au
robert@secnet.net.au
Phone 0887230155 or 0417206097
