3/1 Another WiFi question: If there was an ESS network, and there were
areas that got signal from only a few APs, couldn't you mount a DoS
attack on a client by forging their MAC and sending lots of forged
reassociation messages to an AP they can't get signal from?
\_ Of course.
\_ So doesn't this throw cold water on any large ESS network without
strong authentication? You can break the access of anyone you've
been in range of.
\_ Even if there is strong authentication, you can break the
access of anyone. It's called "jamming," and it's true of
every form of wireless communication. -tom
\_ But jamming breaks the access of everyone over a specific
area. Spoofed reassociation breaks access for specific
victims across the entire ESS network.
\_ so what? Don't you have better things to do than
worry about DOS on wireless networks? It's trivially
easy to do, but it's not a significant problem in
the real world. Why would anyone bother? -tom
\_ Do you work for MS's security division?
\_ I was just thinking about sfwireless and some big
community networks and bad people. I know wireless
has security problems, and was just exploring a
single potential problem
\_ you can stop thinking now, you don't seem to be
very good at it. -tom
\_ This also works on wired networks, modulo arp spoofing. What's
your point? -dans
\_ He's trying to learn. Why are you and tom being such assholes
to him? And then everyone wonders why so few people want to
attend csua social functions, hang out on wall, or post anon to
the motd. Actually I know why tom is being an asshole. What
exactly is your beef with the guy?
\_ He's not trying to learn. He's trying to show us how
clever he is. -tom
\_ considering no one "knows" who he is, there's not much
point in strutting his stuff. i think he really is just
somewhat amazed at how fallible some things in the real
world are, and i think you're just being an asshole.
\_ Huh? How was he being an asshole? tom's "not good at thinking"
was the only thing, which is pretty tame for the motd. |
http://csua.com/feed/