Hacked Wireless Network...
December 2008
The latest 802.11 wireless hack was announced in a paper entitled “Practical Attacks Against WEP and WPA.” The current attack, which recovers what is known as the keystream and not the “secret key,” results in the attacker being able to send seven (some sources say 15, but the paper’s authors say seven) unauthorized, one-way network packets to the client every 12-15 minutes; it can also decrypt a single Address Resolution Protocol (ARP) packet. Because they only have one way communication, what an attacker could do is very limited. Essentially the malicious attacker would also have to have previous knowledge of unpatched, vulnerable software running on the victim, or access to a previously unknown zero-day exploit that would work on software running on the victim, either of which must be able to be accomplished using seven one-way Universal Datagram Protocol (UDP) packets. Most big, important attacks were the result of smaller, incremental discoveries made along the way. Even this attack builds upon the successful techniques of others. Microsoft’s senior security consultant based in the U.K said, “The thing is, just like with WEP, the first attacks took too long and required too much data. Now you can get a WEP key in under a minute. One has to ask how long it will be before subsequent attacks allow discovery of more keystream to reveal actual data for eavesdropping.”
The latest 802.11 wireless hack was announced in a paper entitled “Practical Attacks Against WEP and WPA.” The current attack, which recovers what is known as the keystream and not the “secret key,” results in the attacker being able to send seven (some sources say 15, but the paper’s authors say seven) unauthorized, one-way network packets to the client every 12-15 minutes; it can also decrypt a single Address Resolution Protocol (ARP) packet. Because they only have one way communication, what an attacker could do is very limited. Essentially the malicious attacker would also have to have previous knowledge of unpatched, vulnerable software running on the victim, or access to a previously unknown zero-day exploit that would work on software running on the victim, either of which must be able to be accomplished using seven one-way Universal Datagram Protocol (UDP) packets. Most big, important attacks were the result of smaller, incremental discoveries made along the way. Even this attack builds upon the successful techniques of others. Microsoft’s senior security consultant based in the U.K said, “The thing is, just like with WEP, the first attacks took too long and required too much data. Now you can get a WEP key in under a minute. One has to ask how long it will be before subsequent attacks allow discovery of more keystream to reveal actual data for eavesdropping.”
posted by arkietechs at 7:14 AM
0 Comments:
Post a Comment
<< Home