WLAN denial-of-service (DoS) attacks
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
Wireless networks are vulnerable to DoS attacks due to the nature of the wireless transmission medium. WLANs send information via radio waves on public frequencies, thus they are susceptible to an advertent or deliberate interference from traffic using the same radio band.
If an attacker makes use of a powerful transceiver, enough interference can be generated to prevent wireless devices from communicating with one another. DoS attack devices do not have to be right next to the devices being attacked, either; they need only to be within range of the wireless transmissions.
Examples of techniques used to deny service to a wireless device are:
- Requests for authentication at such a frequency as to disrupt legitimate traffic.
- Requests for deauthentication of legitimate users. These requests may not be refused according to the current 802.11 standard.
- Mimics the behavior of an access point and convinces unsuspecting clients to communicate with it.
- Repeatedly transmits RTS/CTS frames to silence the network.
MAC address vulnerabilities
MAC addresses are easily sniffed by an attacker since they must appear in the clear even in when WEP is enabled. An attacker can masquerade as a valid MAC address by programming the wireless card, to enter the wireless network.
Spoofing MAC address is also very easy. Using packet capturing software, an attacker can determine a valid MAC address by setting up a rogue access point near the target wireless network
Penetration testing -- Securing wireless access points
Introduction
War walking and war driving
WLAN vulnerabilities, SSID issues, WEP weakness
WLAN DoS attacks, MAC address vulnerabilities
Wireless testing tools
WLAN security countermeasures
About the author
Russell Dean Vines is a bestselling author, Chief Security Advisor for Gotham Technology Group, LLC, and former President of the RDV Group. His most recent book is The CISSP and CAP Prep Guide, published by John S. Wiley and Sons.
This was first published in February 2007