New WLAN Attacks Identified
August 07, 2003
WLAN security vendor AirDefense says monitoring at the DefCon convention revealed a new type of Denial-of-Service attack as well as possible firmware bugs that could leave NICs and access points vulnerable.
AirDefense of Alpharetta, Georgia, says that during monitoring at the DefCon hacker convention in Las Vegas last weekend the company identified new security issues specifically effecting wireless LANs.The first is a new Denial-of-Service (DoS) attack that can knock "targeted user stations off the WLAN, forcing stations or access points to shutdown, or disrupting all WLAN connections," said Scott Hrastar, co-founder and CTO of AirDefense, in the company's announcement. This DoS attack includes a "flood" of control frames that will disrupt everything on a given channel. AirDefense has developed a signature for this attack and added it to the AirDefense Guaurd security/monitoring product.
The company is also investigating potential firmware bugs in some access points and wireless network interface cards (NICs) that leave them vulnerable to a forced reboot before the wireless connection is actually established with the network. AirDefense says if specific firmware on products can be identified as having an issue, they'll work with the industry and vendors to get this fixed before announcing any specific products with vulnerabilities.