1 / 9

Understanding 802.11 Denial of Service Attacks

Learn about various types of DoS attacks on the 802.11 network, from electronic/physical layer tactics to application layer vulnerabilities. Explore overpowering techniques, interference issues, and legal considerations. Discover how RTS/CTS attacks and application-specific vulnerabilities pose threats, and find out how to secure systems effectively.

fergal
Download Presentation

Understanding 802.11 Denial of Service Attacks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Andrew Taylor 802.11 Denial Of Service

  2. Types of DoS • Electronic/Phy layer • Overpowering, modulation techniques • Management Frame DoS • i.e. RTS/CTS • Application Specific • Application layer vulnerabilities

  3. Low level interference • Quick interference recap: • Any type of interference is bad with 802.11g/a due to QPSK • Error correction/retransmission has a hard time keeping up under load.

  4. Causing Interference • Directional Antenna • High power output • FCC PtoP over 4 watts if directional antenna gain greater than 6dBi • Legal attacks within FCC range • Determined attackers wont care about FCC restrictions

  5. Higher Layer Attacks • RTS/CTS • 802.11 ACK (with large duration value) attack when AP using RTS/CTS, made by modifying the NAV to force a clear medium for an extended period of time.

  6. RTS/CTS Attack Cont. • Maximum NAV value is ~32 milliseconds. • Attacker need only to transmit 30 times a second for full medium denial. • RTS/CTS is not authenticated. • Require correct firmware/hardware to disregard standards. (AUX port) • Some clients disregard standards

  7. Application Layer Vulnerabilities • New ones coming out all the time, vendor specific. • Recent Cisco vulnerability allows a reload of the system when malformed POST is sent to the login page of the web administration. • Patching systems and employing other means of security is the only way to be sure.

  8. Questions?

  9. Sources • ARRL. (n.d.). Amature Radio Service. Retrieved March 2009, from http://www.arrl.org/FandES/field/regulations/news/part97/ • Cisco Systems. (2009, February 04). Cisco Security Center. Retrieved March 12, 2009, from http://tools.cisco.com/security/center/viewAlert.x?alertId=16321 • John Bellardo, S. S. (2002). 802.11 Denial-of-Service Attacks. Retrieved March 2009, from http://www-cse.ucsd.edu/~savage/papers/UsenixSec03.pdf

More Related