Qianjia Forum: Intelligent Building and Smart Home Technology Exchange Community
Title: [Repost] Recent 802.11 WLAN vulnerability
Author: 沙尘 Time: 2004-5-14 13:20
Recent wireless network vulnerability
Flaw in 802.11 Helps Attacker Stop Your Wireless Network
Severity: Medium
13 May, 2004
Summary:
Today, Australia's Computer Emergency Response Team (AusCERT) released an advisory describing a flaw in the 802.11 protocol. This newly discovered flaw allows an attacker within range of your wireless network to completely jam all wireless traffic, at will. Since this is a flaw in the 802.11 protocol itself, all 802.11b devices, including WatchGuard's Firebox SOHO 6 Wireless, are affected. There is no fix. If you manage 802.11 wireless networks, we remind you not to place critical infrastructure on your wireless segment. See the Solution section below to learn other ways to reduce your risk from this flaw.
Exposure:
802.11 consists of a group of standards and specifications developed by the Institute of Electrical and Electronics Engineers (IEEE, pronounced "I triple-E"), describing how to transmit network traffic wirelessly. The 802.11 family currently consists of 802.11 Legacy, 802.11a, 802.11b and 802.11g. IEEE also expects to ratify two new specifications, 802.11e and 802.11i, by the end of 2004, incorporating considerable security improvements.
Today, AusCERT released an advisory warning of a flaw in the 802.11 protocol. One of the specifications included in the 802.11 protocol helps prevent network traffic collisions by not allowing other wireless devices to "talk" while one device is "talking" (technically CSMA/CA and CCA). Researchers discovered an attacker can configure a wireless device so that it doesn't shut up, thus preventing all other wireless traffic, and resulting in a Denial of Service (DoS).
DoS vulnerabilities in 802.11 have been discovered before, but none are as trivial to exploit as this one. According to AusCERT, even devices as low-powered as a PDA with a wireless NIC can exploit this vulnerability once in range of a victim Wireless Access Point (WAP). Furthermore, attackers using high-gain antennas can significantly increase the distance from which they can attack. Since 802.11 works on radio waves, the attacker could strike from anywhere within line of sight of the WAP, making the attacker difficult to find.
The AusCERT advisory seems to indicate that this flaw only affects 802.11 devices that transmit radio signals using Direct-Sequence Spread Spectrum (DSSS), a transmission technology used by some 2.4GHz WAPs. That would mean that currently, only 802.11b devices and 802.11g devices in compatibility or low-speed mode are affected by this vulnerability. 802.11a devices and 802.11g devices are unaffected if set exclusively in high speed mode.
If you rely on your wireless network to access business critical servers, consider this vulnerability as high-risk. However, keep in mind that attackers cannot gain access to your network or capture sensitive information by exploiting this vulnerability. They can only prevent you from using your wireless network -- as if your wireless network had its own private power outage.
Solution Path:
Unfortunately, since this is a flaw in the 802.11 protocol itself, there is no fix. If you administer any 802.11b devices or 802.11g devices in compatibility mode, your devices are susceptible to DoS attacks. However, your attacker must be within range of your wireless network for his attack to succeed. Planning your wireless network so that its perimeter stays within the physical confines of your office greatly reduces the risk of this type of attack.
Obviously, since both 802.11a and 802.11g (in high-speed mode) are unaffected, migrating your equipment to those standards would protect you, but at a cost. If you feel you are especially at risk from this type of attack, and your wireless network includes critical infrastructure, you should probably upgrade your equipment. However, even if you decide to upgrade, you might consider waiting until June or later this year for the release of 802.11e and 802.11i devices that greatly improve wireless security.
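A defender-side check for the symptom described in the post above (the medium held busy so that other stations never get to transmit), as an added example that is not part of the original post or of the AusCERT advisory: it compares two `iw dev <iface> survey dump` snapshots and flags an interval in which the channel is almost always busy while almost none of that time decodes as frames. The function names, the thresholds and the sample counters are assumptions constructed for illustration.

```python
import re

def sample(active, busy, rx, tx):
    """Constructed `iw dev wlan0 survey dump` text; counters are cumulative ms."""
    return (
        "Survey data from wlan0\n"
        "\tfrequency:\t\t\t2412 MHz\n"
        "Survey data from wlan0\n"
        "\tfrequency:\t\t\t2437 MHz [in use]\n"
        "\tnoise:\t\t\t\t-92 dBm\n"
        f"\tchannel active time:\t\t{active} ms\n"
        f"\tchannel busy time:\t\t{busy} ms\n"
        f"\tchannel receive time:\t\t{rx} ms\n"
        f"\tchannel transmit time:\t\t{tx} ms\n"
    )

def parse_in_use(dump):
    """Return the cumulative time counters (ms) of the channel marked [in use]."""
    for block in dump.split("Survey data from")[1:]:
        if "[in use]" in block:
            found = re.findall(r"channel (\w+) time:\s+(\d+) ms", block)
            return {name: int(ms) for name, ms in found}
    raise ValueError("no in-use channel in survey dump")

def assess(prev_dump, curr_dump, busy_min=0.90, decoded_max=0.10):
    """Compare two snapshots; thresholds are assumed values, tune per site."""
    prev, curr = parse_in_use(prev_dump), parse_in_use(curr_dump)
    d = {k: curr[k] - prev[k] for k in ("active", "busy", "receive", "transmit")}
    if d["active"] <= 0:
        raise ValueError("snapshots out of order or counters were reset")
    busy_ratio = d["busy"] / d["active"]
    # Share of busy time that the radio spent on frames it received or sent.
    decoded = (d["receive"] + d["transmit"]) / d["busy"] if d["busy"] else 1.0
    return {
        "busy_ratio": round(busy_ratio, 3),
        "decoded_share": round(decoded, 3),
        # Busy medium with next to no decodable traffic: investigate on site.
        "suspect": busy_ratio >= busy_min and decoded <= decoded_max,
    }

if __name__ == "__main__":
    t0 = sample(120000, 18000, 9000, 3000)
    print("normal :", assess(t0, sample(130000, 21500, 11500, 3600)))
    print("blocked:", assess(t0, sample(130000, 27900, 9050, 3010)))
```

A flagged interval only says the channel looked occupied without usable traffic; a spectrum survey on site is still needed to tell a deliberate transmitter from ordinary interference.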
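Author: 大春31 Time: 2004-5-14 15:11
If anyone can't understand it, you can go to www.165net.com to translate it.
I suggest using Chinese next time. Even though I can read it, it takes effort! Also, some of the technical terms simply can't be translated without looking them up.
Author: 大春31 Time: 2004-5-14 15:13
I haven't used English in so many years that I've forgotten almost all of it.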