Go Back   Wireless and Wifi Forums > News > Newsgroups > alt.internet.wireless
NEWS: WPA networks open to limited attack

NEWS: WPA networks open to limited attack

NEWS: WPA networks open to limited attack. Discuss NEWS: WPA networks open to limited attack, on Wireless Forums.

Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 11-09-2008, 12:36 AM
John Navas
Guest
  
Posts: n/a
Default NEWS: WPA networks open to limited attack
Researchers find more flaws in wireless security
<http://www.theregister.co.uk/2008/11/08/wi_fi_protected_access_attack/>

Wireless networks that use a popular form of security known as Wi-Fi
Protected Access (WPA) are vulnerable to an attack that could compromise
certain communications in less than 15 minutes, two researchers plan to
tell attendees next week at the PacSec 2008 conference in Tokyo.

Martin Beck and Erik Tews - two graduate students at technical
universities in Germany - found a combination of techniques that allow
an attacker to decrypt limited communications protected with the lesser
of two WPA security protocols, known as the Temporal Key Integrity
Protocol or TKIP. Using the techniques, attackers could also recover a
special integrity checksum and send up to seven custom packets to
clients on the network, sources told SecurityFocus.

The attack does not allow the key protecting the communications to be
recovered, one of the researchers stressed .

....

While the security vulnerabilities are limited, the techniques could be
used in a denial-of-service (DoS) attack, the researchers stated in
their presentation, by using ARP injection to overwrite entries in the
ARP table or potentially attack a local network's domain servers. The
technique could also be used to channel data through a corporate
firewall, they added.

In an email to a security mailing list, PacSec conference organizer
Dragos Ruiu recommended that wireless-network administrators move to
WPA2 or use the improved WPA security mode, known as Counter Mode with
Cipher Block Chaining Message Authentication Code Protocol (CCMP). In
the latter case, the access point should not allow clients to revert to
TKIP for communications with legacy systems, Ruiu said.

"If you aren't given the option to disable this, you might want to think
about getting a different Access Point or Wi-Fi Router," he said.

According to Tews, an experimental implementation of the researchers'
attack has been introduced into a development version of the aircrack-ng
tool.

[MORE]

Reply With Quote
Reply


« WPA broken? | Linksys WRT160N resetting itself »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Attack of the iPhone Killers - Age news article Snapper aus.comms.mobile 1 06-16-2008 04:05 AM
Hijacking a broadband connection The Todal alt.internet.wireless 244 10-27-2005 08:27 AM
Legal Ramifications of Open Wireless Networks kevinmader@gmail.com alt.internet.wireless 16 08-29-2005 07:39 AM
Re: Install win xp over a network Curious George alt.comp.hardware 30 08-13-2005 08:55 AM


All times are GMT. The time now is 08:52 AM.

Wireless Support Forum - Archive - Top - Privacy Policy - Terms of Use

Powered by vBulletin® Version 3.7.2
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45