On Fri, 14 May 2004 05:21:39 +0530, Suresh Ramasubramanian <suresh@outblaze.com> said:
Affecting various hardware implementations of the IEEE 802.11 wireless networking standard - including widely used 802.11b devices - the flaw was found in the collision avoidance routines used to prevent multiple devices from transmitting at the same moment.
Wow. I'm underwhelmed. First, we collectively realize that RFC793 really HAS said 'The RST has to be in the window, not dead on' for 2 decades. Now somebody's discovered that a jabbering transciever can take out a CSMA/CA network. And to top it off: The model of a shared communications channel is a fundamental factor in the effectiveness of an attack on this vulnerability. For this reason, it is likely that devices based on the newer IEEE 802.11a standard will not be affected by this attack where the physical layer uses Orthogonal Frequency Division Multiplexing (OFDM) Yes - *THIS* attack doesn't work, you can't take down a 802.11a net with a hacked PDA that jabbers on channel, you need to use a hacked 802.11a-capable PDA that jabbers on all the subchannels at once. ;) Any bets on what will be rediscovered next? Some CERT will realize that if a DDoS uses RFC1918 source addresses, it will be hard to track down the misbehaving sources? ;)