[MLB-WIRELESS] More on Wifi security

Troy Mitchell txrx at eridu.net
Mon Aug 14 14:36:02 EST 2006


Looks like they are referring to this:
(in a hyped-up mainsteam media kind of way..)

http://www.defcon.org/html/defcon-14/dc-14-speakers.html#Cache
 
Fun with 802.11 Device Drivers 
Johnny Cache

Abstract:
The 802.11 link-layer wireless protocol is widely known for its design
flaws. Unauthenticated management packets, a ridiculous attempt at providing
link layer confidentiality and authentication (WEP), and general vendor
stupidity have all contributed to 802.11 being the most sensationalized
protocol ever mentioned in the media.

All of the above topics have been beaten to death. Instead this talk
explores new advances not in design problems in 802.11, but in
implementation issues. The two major advances in 802.11 security will be
covered, device driver vulnerabilities and link layer fingerprinting
techniques. 802.11 fingerprinting represents the first time that a
link-layer protocol has been vulnerable to finger-printing attacks. These
attacks can provide useful information to the attacker, allowing him to
accurately target the latest weapon in any wireless hackers arsenal: 802.11
device driver exploits.

Bio:
Johnny Cache is responsible for many wireless hacking tools. These include
jc-wepcrack (a distributed wep-cracker) jc-aircrack (a complete aircrack
re-write in C++), and also helped h1kari create pico-wepcrack (a FPGA
accelerated WEP brute forcer). Cache is currently pursuing his Master's
degree in computer security. He is also co-author of "Hacking Exposed
Wireless". His latest accomplishments can be found in Airbase, available at
www.802.11mercenary.net



-----Original Message-----
From: melbwireless-bounces at wireless.org.au
[mailto:melbwireless-bounces at wireless.org.au] On Behalf Of Steven Haigh
Sent: Monday, 14 August 2006 1:52 PM
To: melbwireless at wireless.org.au
Subject: Re: [MLB-WIRELESS] More on Wifi security

On 14/08/2006, at 1:04 PM, gabrielle harrison and Paul van den Bergen
wrote:
> just when I thought it was safe again.
>
> warning - article short on detail.
> http://www.theage.com.au/news/wireless--broadband/hacker-exposes- 
> security-flaw-in-wireless-computers/2006/08/03/1154198254214.htm

Wow. I read two pages of text and think I became dumber in the  
process :p

Does anyone have any real details on just what on earth they are  
talking about? Something about hacking the driver to take control of  
the machine?

-- 
Steven Haigh

Email: netwiz at crc.id.au
Web: http://www.crc.id.au
Phone: (03) 9017 0597 - 0412 935 897

_______________________________________________
Melbwireless mailing list
Melbwireless at wireless.org.au
http://wireless.org.au/mailman/listinfo/melbwireless

-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.10.9/417 - Release Date: 11/08/2006
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.10.9/417 - Release Date: 11/08/2006
 




More information about the Melbwireless mailing list