Cyber Eye: More security trouble crops up for wireless networks

William Jackson

In a springtime bursting with new security worries, wireless users learned of one that's already built into IEEE 802.11 wireless networking protocols.

The alert came last month from the United States CERT Coordination Center, at www.kb.cert.org, and from the Australian Computer Emergency Response Team, at www.auscert.org.au.

The Australian team said the vulnerability in wireless collision avoidance allows a 'trivial but effective' denial-of-service attack against portions of wireless LANs using most of the 802.11 family of protocols.

The good news is that the effects of such an attack are temporary and usually limited in scope'although if an access point is targeted, it affects all clients using that point.

The bad news? No effective defense exists against such an attack, which could be carried out with low-powered equipment such as personal digital assistants.

The lesson is that wireless networks not only are subject to all the security concerns of wired networks, but they also have their own set of worries.

Queensland University of Technology's Information Security Research Center said the 802.11 protocols constantly check for clear frequencies over which devices can transmit. If the Clear Channel Assessment algorithm is used with direct-sequence, spread-spectrum (DSSS) transmissions, a specially crafted radio signal can fool a wireless device into thinking that all channels are busy, effectively blocking transmissions.

And the jamming device does not have to be authenticated by the network.

'This is not an implementation vulnerability,' U.S. CERT said. 'Any 802.11 DSSS device, including wireless network cards and access points, is vulnerable.' Wireless security features cannot guard against it.

The solution is to avoid 802.11x devices that use DSSS at speeds below 20 Mbps.

Devices doing frequency-hopping, spread-spectrum (FHSS) or orthogonal frequency-division multiplexing (OFDM) transmission are not subject to the vulnerability. The 802.11a and 802.11g devices operating above 20 Mbps use OFDM. And 802.11 devices also can use FHSS.

Because the range of attack by a PDA would necessarily be limited, wireless networks inside a building and those that have been shielded against interference are less likely to fall victim.

Wireless networking has probably not yet become a necessity. Denial of service at a Starbucks or an airport is an inconvenience. Not being able to beam a Microsoft PowerPoint presentation into a conference room might also be an inconvenience, depending on the quality of the presentation.
But denial-of-service attacks against a public safety network or a wireless LAN handling mission-critical applications could be far more serious.

When a packet absolutely, positively must get through, you're better off using a wire.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above