Presentation on theme: "Andrew Taylor. Electronic/Phy layer Overpowering, modulation techniques Management Frame DoS i.e. RTS/CTS Application Specific Application layer vulnerabilities."— Presentation transcript:
Electronic/Phy layer: overpowering, modulation techniques. Management frame DoS, i.e. RTS/CTS. Application specific: application layer vulnerabilities.
Quick interference recap: Any type of interference is bad with 802.11g/a due to QPSK. Error correction/retransmission has a hard time keeping up under load.
Directional antenna. High power output: FCC PtoP over 4 watts if directional antenna gain greater than 6dBi. Legal attacks within FCC range. Determined attackers won't care about FCC restrictions.
RTS/CTS: an 802.11 ACK (with a large duration value) attack when the AP is using RTS/CTS, made by modifying the NAV to force a clear medium for an extended period of time.
Maximum NAV value is ~32 milliseconds. An attacker need only transmit 30 times a second for full medium denial. RTS/CTS is not authenticated. Requires the correct firmware/hardware to disregard standards (AUX port). Some clients disregard standards.
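A monitoring-side check for the NAV behaviour described above, added here as an example (not part of the original presentation). It parses the duration field of RTS/CTS/ACK frames and reports how much of a one-second window is reserved; the helper names, the 10 ms alert threshold and both sample captures are assumptions constructed for illustration.

```python
import struct

CTRL = {11: "RTS", 12: "CTS", 13: "ACK"}   # 802.11 control-frame subtypes
SUSPICIOUS_US = 10_000                     # assumed alert threshold, tune per site

def ctrl_frame(subtype, duration_us):
    """Build a constructed control frame: frame control, duration, receiver address."""
    return struct.pack("<HH", (subtype << 4) | (1 << 2), duration_us) + b"\x02" * 6

def parse_control(frame):
    """Return (name, duration_us) for an RTS/CTS/ACK frame, else None."""
    if len(frame) < 4:
        return None
    fc, dur = struct.unpack_from("<HH", frame)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype != 1 or subtype not in CTRL or dur & 0x8000:
        return None                        # bit 15 set means the field is not a duration
    return CTRL[subtype], dur

def nav_report(capture, window_s=1.0, limit_us=SUSPICIOUS_US):
    """capture: (timestamp_s, frame_bytes) pairs within [0, window_s).
    Returns (frames over the limit, fraction of the window reserved by NAV)."""
    flagged, intervals = [], []
    for ts, frame in capture:
        parsed = parse_control(frame)
        if parsed is None:
            continue
        name, dur = parsed
        intervals.append((ts, ts + dur / 1e6))
        if dur > limit_us:
            flagged.append((ts, name, dur))
    reserved, covered_to = 0.0, 0.0
    for start, end in sorted(intervals):   # merge overlapping reservations
        start, end = max(start, covered_to), min(end, window_s)
        if end > start:
            reserved += end - start
            covered_to = end
    return flagged, reserved / window_s

# Constructed captures: normal traffic, then 30 max-duration CTS frames per second.
BENIGN = [(0.10, ctrl_frame(13, 0)), (0.20, ctrl_frame(12, 300)),
          (0.30, struct.pack("<HH", 0x0008, 44) + b"\x02" * 20)]  # data frame, ignored
FLOOD = [(i / 30, ctrl_frame(12, 32767)) for i in range(30)]

if __name__ == "__main__":
    for label, cap in (("benign", BENIGN), ("flood", FLOOD)):
        flagged, frac = nav_report(cap)
        print(f"{label}: {len(flagged)} flagged, {frac:.1%} of airtime reserved")
```

On the constructed flood capture, thirty frames at the maximum duration reserve about 98% of the second, which matches the slide's "30 times a second" figure.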
New ones are coming out all the time and are vendor specific. A recent Cisco vulnerability allows a reload of the system when a malformed POST is sent to the login page of the web administration. Patching systems and employing other means of security is the only way to be sure.