Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: More 802.11 soup - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
More 802.11 soup
In February I posted a list of IEEE 802.11 working group projects with some descriptions on how these projects will impact administrators in the future.  It's time to update the list again with some new activity:

802.11w - Protection of Management Frames in 802.11 Networks
The 802.11w working group will define a mechanism to protect the confidentiality and integrity of management fames on wireless networks.  The 802.11i specification that introduces the TKIP and CCMP standards only provides protection for data frames, management frames have no protection on wireless networks.  This allows an attacker to transmit spoofed frames, impersonating legitimate stations on the network or the access point, typically resulting in DoS attacks.  This working group will protect these data frames, reducing the number of MAC-layer DoS attacks that 802.11 networks are vulnerable to.
Benefit: Reduces information disclosure about wireless networks, mitigates MAC-layer DoS attacks.  I question the benefit of MAC-layer DoS mitigation however, since all I need is a microwave and a fork to cause a DoS at layer 1 on a 2.4 GHz wireless network.

802.11y - Inclusion of 3.65-3.7 GHz bands for 802.11 networks
In July 2005, the FCC opened up the use of the 3.65-3.7 GHz band for public use, previously reserved for fixed satellite service networks.  The 802.11y working group will develop a standard to use this band for 802.11 wireless networking while introducing a standards-based mechanism to avoid interfering with existing use of this spectrum.
Benefit: More frequency space means more available channels, which is nice since 2.4 GHz is pretty crowded (one of my students recently found 960+ 802.11b/g AP's in downtown LA in 20 minutes of walking around the hotel).  A standardized interference avoidance mechanism will also streamline the adoption of new frequencies in the future.

With the addition of 802.11y as a physical layer option for wireless networks, we'll likely see some new combination cards within the next few years to support this frequency.  With the addition of 802.11n for MIMO, 802.11e for European 5 GHz networks and 802.11j cards for Japanese 4.9 GHz networks, we'll end up with 802.11a/b/e/g/j/n/y cards.  Awesome!

Speaking of 802.11n - MIMO is gaining speed again with a special working group called the Enhanced Wireless Consortium (EWC) whose goal is to accelerate the development of a joint-standard for MIMO networks, combining the drafts submitted by the WWiSE and TGnSYNC working groups.  Also, in case there was any confusion, the correct pronunciation of MIMO is "My-Moe", not "Mee-Moe".  We know this because it was subject to a September 2004 IEEE plenary vote - "My Moe" garnered 69 votes, "Mee Moe" only 24 with 35 voting members abstaining.
Joshua

34 Posts

Sign Up for Free or Log In to start participating in the conversation!