see below: Mike Kershaw wrote:
> Unfortunately, this isn't new. I did not think it was since almost 2 years ago PSWN (and others) http://www.pswn.gov/admin/librarydocs11/Wireless_data_networking_standards_802_11.pdf ) identified this weakness in addition to a slew of others to 1st responders who contemplated using un-protected spectrum for "Mission Critical" applications. Looi's message just reiterates what we in wireless have know for years.................. >"Any organization that continues to use the standard wireless technology, 802.11b, to operate > critical infrastructure could be considered negligent." Sometimes it takes a red flag in the main stream media from the leaders of the academic establishment before the message it hits home in the public safety community. > > > Attacks against the carrier sense were published near a year ago by > the > ucal-sandiego in Usenix-security. It's not easy to do without > generally > non-public access to either the firmware or the control of a software > radio, it's not really that effective because none of the vendors seem > > to handle RTS channel requests correctly and just talk whenever they > want (which the ucsd guys discovered when actually implementing it). > > The UCSD paper is at: > http://ramp.ucsd.edu/ > bellardo/pubs/usenix-sec03-80211dos-html/aio.html > > It's much easier to implement a disassoc/deauth flood or some other > bit > of unpleasantness than to corrupt the carrier sense algo, and even > that > isn't so widespread still. > > Just my $0.02 towards accuracy. :) > > -m -- NYCwireless - http://www.nycwireless.net/ Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/ Archives: http://lists.nycwireless.net/pipermail/nycwireless/