ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Internet

Online business Toolkit

Wireless network security shows cracks

Rupert Goodwins ZDNet.co.uk

Published: 18 Feb 2002 18:31 GMT

A new set of security measures aimed at making 802.11-type wireless LANs safe from hackers is fundamentally flawed, according to researchers from the University of Maryland.

Professor William Arbaugh and Arunesh Mishra say in a paper published last week that the new 802.1X security system has two basic problems -- one where a hacker can hijack an existing connection, and another where they can interpose themselves during authentication and steal access information as it's being set up.

In the first case, the hacker monitors the transmissions and when a session is established between a client and an access point, the hacker sends a fake packet to the client purporting to be from the access point saying "Session closed". The client just reconnects with a new session: meanwhile, the legitimate access point thinks the old session is still open and the hacker can use it.

The other way -- a 'man in the middle' attack -- again involves the hacker pretending to be an access point, this time relaying messages between the client and the real access point while monitoring their contents, having "... completely bypassed any higher-layer authentication and render(ing) the authentication mechanism ineffective," according to Arbaugh and Mishra.

The paper, An Initial Security Analysis of the IEEE 802.1X Standard, says that the standard needs to be modified to include symmetric authentication -- where the client and the access point both prove to each other who they are --- and better handling of access point authentication. Without this, it says, 802.1X and 802.11 cannot provide sufficient levels of security. The 802.1X standard itself -- and its associated standard, Extensible Authentication Protocol -- is already in use for wireless networking in Cisco 802.11b products, for example. 802.1X has already been under investigation for its vulnerability to a number of different potential attacks, including several potential denial-of-service flaws.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Go to the Security forum.

Let the editors know what you think in the Mailroom.

Did you find this article useful?
39 out of 102 people found this useful

Post a comment

Full Talkback thread

0 comments

More In Online business

Company/Topic Alerts

Create a new alert from the list below:

Install Flash Player Plugin

Featured Talkback

I wonder, who needs .asia domain? I cannot imagine, what would be useful for Microsoft.asia? Toyota.asia? Then let's register .europe (if .eu is too short). Or perhaps Microsoft.southamerica, Dell.australiaandnewzealand, Coca-Cola.africa... Sound funny? Then why not just use the global and country domains? Or perhaps it is time to drop the domains at all?