Serious Vulnerability in 802.11b and 802.11g Networks

The Australian Computer Emergency Response Team (AusCERT) released an advisory about a newly discovered denial of service vulnerability in 802.11 wireless networks.

Access points broadcast on a given channel and frequency. The DoS condition can be caused by exploiting the Clear Channel Assessment (CCA) procedure used by 802.11 equipment rendering a condition where the channel appears to be busy. Under such conditions all access points and client stations would defer their transmissions waiting for the channel to appear idle. However and idle condition would not ensue until the DoS attack ceased.

The problem affects all 802.11 wireless gear that uses the a Direct Sequence Spread Spectrum (DSSS) physical layer including 802.11b and low speed 802.11g. The vulnerability does not affect 802.11a and high speed 802.11g devices.

AusCERT said there is no defense against such an attack, and determining the location of the attacker would be difficult.

Since wireless networks are radio transmitters and receivers they are subject to radio interference on their respective frequencies. Therefore relying on wireless network technology for mission critical environments might prove to be more of risk than is necessary

End of Article

i have read a lot of these articles and it would appear that a great many people are not shooting at the whole target. like so many spread spectrum and multi hopping carrier radios the 802*** devices are subject to co channel interference but not altogether from other similar low power devices. in australia, as with other countries these devices are allocated carrier space in the ism (industrial, scientific, medical)band as mandated by governments etc. in this band as legislated any transceiver device must accept any incoming carrier/signal interference and must not cause the same to other devices deployed in the field. lets look at where these bands sit, firstly 2.4ghz, right in the middle of the ham radio band (ham television to be more precise) now, what do think happens to any reciever when it gets pounded with up to a 7 meg carrier which can carry 5 meg of analog video not to mention the sound carriers and other information crunched in there as well, now add to that eirp of up to 5 kilowatts and bingo presto no more viable link, bear in mind that the ham access also extends into the 5.8 band with similar permissions for output power so i think it's time for manufacturers to get the hint that an open piece of radio spectrum is not a marketing tool and will always lead to a free for all eventually rendering the selected spectrum almost completely usless. and it's not the ham operators fault either, they were here far longer then the new developing technology so the only word that comes to mind regulation. anyone else agree?mc

mickc May 31, 2004

You must log on before posting a comment.

If you don't have a username & password, please register now.