Serious Vulnerability in 802.11b and 802.11g Networks

The Australian Computer Emergency Response Team (AusCERT) released an advisory about a newly discovered denial of service vulnerability in 802.11 wireless networks.

Access points broadcast on a given channel and frequency. The DoS condition can be caused by exploiting the Clear Channel Assessment (CCA) procedure used by 802.11 equipment rendering a condition where the channel appears to be busy. Under such conditions all access points and client stations would defer their transmissions waiting for the channel to appear idle. However and idle condition would not ensue until the DoS attack ceased.

The problem affects all 802.11 wireless gear that uses the a Direct Sequence Spread Spectrum (DSSS) physical layer including 802.11b and low speed 802.11g. The vulnerability does not affect 802.11a and high speed 802.11g devices.

AusCERT said there is no defense against such an attack, and determining the location of the attacker would be difficult.

Since wireless networks are radio transmitters and receivers they are subject to radio interference on their respective frequencies. Therefore relying on wireless network technology for mission critical environments might prove to be more of risk than is necessary