SlideShare a Scribd company logo

Autoimmunity Disorder in Wireless LANs By Md Sohail Ahmad J V R Murthy, Amit Vartak AirTight Networks

M
Md Sohail Ahmad

The document discusses how wireless LAN systems, like biological immune systems, can experience "autoimmunity disorders" where the system's defenses mistakenly attack its own components. It presents examples of how malicious stimuli, like specially crafted packets, can trick access points into broadcasting disconnection messages, causing legitimate clients to disconnect. Even systems with additional protections like MFP (802.11w) remain vulnerable to denial-of-service attacks through various implementation-dependent issues. The key point is that new avenues for DoS attacks are possible against both protected and unprotected wireless systems.

TechnologyNews & Politics
1 of 20
Autoimmunity Disorder in Wireless LANs By Md Sohail Ahmad J V R Murthy, Amit Vartak AirTight Networks
Biological Systems Vs WLAN Systems: Similarities Immune system foreign bodies Purpose of the immune system is to defend against attacks from germs, viruses & foreign bodies Purpose of WLAN system software is to defend against attacks from intruders and hackers Biological systems Wireless LAN systems Built-in Security software Attacker
Autoimmunity Disorder Immune system foreign bodies When immune system mistakenly attacks & destroys healthy body tissues When AP mistakenly attacks and destroys legitimate client connections Biological systems Wireless LAN systems Built-in Security software Attacker
What’s Well Known -- DoS from an External Source ,[object Object],AP Client Attacker DoS Attack Launched on CL DoS Attack launched on AP Connection Breaks Connection Breaks
What’s New – Self DoS Triggered by an External Stimulus ,[object Object],AP Client Attacker Stimulus Self DoS
Example of Self DoS (1) AP Client Broadcast Disconnection Notification from AP Attacker
Result    Multicast MAC as source  Madwifi-0.9.4 driver with Cisco Aironet a/b/g Card  Buffalo Model No-WZR-AG300NH, Firmware ver 1.48 Cisco Model No AIR-AP1232AG-A-K9 Firmware Ver 12.3(8)JEA3 Linksys Model No WRT350N, Firmware Ver 1.0.3.7  DLink, Model No DIR-655, Firmware Ver 1.1 Broadcast MAC as source
Example of Self DoS (2) AP Client ,[object Object],Disconnection Notification or Response with “Failure” status code Client and AP in Associated State Attacker Stimulus: Req packet with invalid attributes
Stimulus ,[object Object],[object Object],10,13,14,18,19,20,21,22,23,24,25 ,26,40,44,45,51 6,7,10,11,13,14,15,21,22 Status Codes Reason Codes
Result      Authentication    Broadcast MAC as source    Multicast MAC as source    Assoc Request  Madwifi-0.9.4 driver with Cisco Aironet a/b/g Card  Buffalo Model No-WZR-AG300NH, Firmware ver 1.48  Cisco Model No AIR-AP1232AG-A-K9 Firmware Ver 12.3(8)JEA3  Linksys Model No WRT350N, Firmware Ver 1.0.3.7  DLink, Model No DIR-655, Firmware Ver 1.1 Reassoc Req
Is Cisco MFP also vulnerable to Self DoS ? Think of Cisco MFP (802.11w) as the latest and greatest immune system which is supposed to make WLANs totally attack resistant.
Example: MFP (L)AP MFP Client MFP AP Ignore or Honor Assoc Req Packet ? Client ignores unsolicited Association Response AP has an important decision to make !!! Uprotected “Deauth” ignored by Client Client and AP in Associated state Stimulus:Assoc Req, from Client to AP Attacker Assoc Response Data Deauthentication AP and Client in Deadlock
Example: MFP Client MFP Client MFP AP Association dropped at AP Association dropped at Client Client and AP in Associated state Stimulus:Assoc Response, from AP to Client, Status Code Failure Attacker Protected Deauthentication, teardown connection
The Key Point ,[object Object],Even with MFP (11w) protection DoS vulnerabilities could not be completely eliminated. Currently available MFP implementations were found vulnerable!
References ,[object Object],[object Object],[object Object],[object Object],[object Object]
Contact Us ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Stimulus #1 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Stimulus #2 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Stimulus #3 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Stimulus #4 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Stimulus #5 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Stimulus #6 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Stimulus #7 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Stimulus #8 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec TrainingMike Spaulding
 
Apmac poster 3 collums
Apmac poster 3 collumsApmac poster 3 collums
Apmac poster 3 collumsSubhajit Sidhanta
 
Application sharing
Application sharingApplication sharing
Application sharingapmac
 
P@norama' sulle tecnologie innovative: la sicurezza applicativa
P@norama' sulle tecnologie innovative: la sicurezza applicativaP@norama' sulle tecnologie innovative: la sicurezza applicativa
P@norama' sulle tecnologie innovative: la sicurezza applicativaSelf Employed
 
La tecnologia per lo sviluppo e la tutela del gioco legale
La tecnologia per lo sviluppo e la tutela del gioco legaleLa tecnologia per lo sviluppo e la tutela del gioco legale
La tecnologia per lo sviluppo e la tutela del gioco legaleSelf Employed
 
Il geometra consulente tecnico legale: i nuovi orizzonti
Il geometra consulente tecnico legale: i nuovi orizzonti Il geometra consulente tecnico legale: i nuovi orizzonti
Il geometra consulente tecnico legale: i nuovi orizzonti Self Employed
 
Chinese Tea
Chinese TeaChinese Tea
Chinese Teaguestc6f3b02
 
Technology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithTechnology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithKJSmith98
 

Recommended

Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec TrainingMike Spaulding
 
Apmac poster 3 collums
Apmac poster 3 collumsApmac poster 3 collums
Apmac poster 3 collumsSubhajit Sidhanta
 
Application sharing
Application sharingApplication sharing
Application sharingapmac
 
P@norama' sulle tecnologie innovative: la sicurezza applicativa
P@norama' sulle tecnologie innovative: la sicurezza applicativaP@norama' sulle tecnologie innovative: la sicurezza applicativa
P@norama' sulle tecnologie innovative: la sicurezza applicativaSelf Employed
 
La tecnologia per lo sviluppo e la tutela del gioco legale
La tecnologia per lo sviluppo e la tutela del gioco legaleLa tecnologia per lo sviluppo e la tutela del gioco legale
La tecnologia per lo sviluppo e la tutela del gioco legaleSelf Employed
 
Il geometra consulente tecnico legale: i nuovi orizzonti
Il geometra consulente tecnico legale: i nuovi orizzonti Il geometra consulente tecnico legale: i nuovi orizzonti
Il geometra consulente tecnico legale: i nuovi orizzonti Self Employed
 
Chinese Tea
Chinese TeaChinese Tea
Chinese Teaguestc6f3b02
 
Technology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithTechnology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithKJSmith98
 
Technology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithTechnology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithKJSmith98
 
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...Self Employed
 
Innovation Forum Italy - China
Innovation Forum Italy - ChinaInnovation Forum Italy - China
Innovation Forum Italy - ChinaSelf Employed
 
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012Black Pearls Community Services, Inc Sponsorship Package - Spring 2012
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012Black Pearls Community Services, Inc.
 
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...Nelson Petracek
 
Plurality Of Elders
Plurality Of EldersPlurality Of Elders
Plurality Of EldersNathan Riese
 
Caffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconCaffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconMd Sohail Ahmad
 
Wireless Intrusion Prevention Systems or WIPS
Wireless Intrusion Prevention Systems or WIPSWireless Intrusion Prevention Systems or WIPS
Wireless Intrusion Prevention Systems or WIPSMd Sohail Ahmad
 
Wi Fish Finder Defcon 17 Ahmadand Dhyani
Wi Fish Finder Defcon 17 Ahmadand DhyaniWi Fish Finder Defcon 17 Ahmadand Dhyani
Wi Fish Finder Defcon 17 Ahmadand DhyaniMd Sohail Ahmad
 
Wpa too-hole196-defcon18-presentation
Wpa too-hole196-defcon18-presentationWpa too-hole196-defcon18-presentation
Wpa too-hole196-defcon18-presentationMd Sohail Ahmad
 
Robert W Self Resume 2009
Robert W Self Resume 2009Robert W Self Resume 2009
Robert W Self Resume 2009guest3e8191
 
When WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksWhen WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksAirTight Networks
 
Cert0101 HPE6-A42 & HPE6-A70.pdf
Cert0101 HPE6-A42 & HPE6-A70.pdfCert0101 HPE6-A42 & HPE6-A70.pdf
Cert0101 HPE6-A42 & HPE6-A70.pdfAllen Kuo
 
St0 029 question answers
St0 029 question answersSt0 029 question answers
St0 029 question answersMarcoMCervantes
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
 
Attacking backup softwares
Attacking backup softwaresAttacking backup softwares
Attacking backup softwaresNibin Varghese
 
Bank World 2008 Kamens 04 29 08
Bank World 2008 Kamens 04 29 08Bank World 2008 Kamens 04 29 08
Bank World 2008 Kamens 04 29 08kamensm02
 
De-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali LinuxDe-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali LinuxIRJET Journal
 
Dos on 802.11 and other security issues ( Case Study )
Dos on 802.11 and other security issues ( Case Study ) Dos on 802.11 and other security issues ( Case Study )
Dos on 802.11 and other security issues ( Case Study ) Shrobon Biswas
 
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfdjameleddine2015
 
Office Comunnications Server 2007 R2 Poster
Office Comunnications Server 2007 R2 PosterOffice Comunnications Server 2007 R2 Poster
Office Comunnications Server 2007 R2 PosterPaulo Freitas
 
Wlan mac-spoof
Wlan mac-spoofWlan mac-spoof
Wlan mac-spoofGeorgios Giannakopoulos
 

More Related Content

Viewers also liked

Technology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithTechnology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithKJSmith98
 
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...Self Employed
 
Innovation Forum Italy - China
Innovation Forum Italy - ChinaInnovation Forum Italy - China
Innovation Forum Italy - ChinaSelf Employed
 
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012Black Pearls Community Services, Inc Sponsorship Package - Spring 2012
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012Black Pearls Community Services, Inc.
 
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...Nelson Petracek
 
Plurality Of Elders
Plurality Of EldersPlurality Of Elders
Plurality Of EldersNathan Riese
 
Caffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconCaffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconMd Sohail Ahmad
 
Wireless Intrusion Prevention Systems or WIPS
Wireless Intrusion Prevention Systems or WIPSWireless Intrusion Prevention Systems or WIPS
Wireless Intrusion Prevention Systems or WIPSMd Sohail Ahmad
 
Wi Fish Finder Defcon 17 Ahmadand Dhyani
Wi Fish Finder Defcon 17 Ahmadand DhyaniWi Fish Finder Defcon 17 Ahmadand Dhyani
Wi Fish Finder Defcon 17 Ahmadand DhyaniMd Sohail Ahmad
 
Wpa too-hole196-defcon18-presentation
Wpa too-hole196-defcon18-presentationWpa too-hole196-defcon18-presentation
Wpa too-hole196-defcon18-presentationMd Sohail Ahmad
 
Robert W Self Resume 2009
Robert W Self Resume 2009Robert W Self Resume 2009
Robert W Self Resume 2009guest3e8191
 

Viewers also liked (11)

Technology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen SmithTechnology Integration Action Plan - Karen Smith
Technology Integration Action Plan - Karen Smith
 
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...
GEOWEB e il Collegio dei Geometri di Milano presentano : LA FATTURAZIONE ELET...
 
Innovation Forum Italy - China
Innovation Forum Italy - ChinaInnovation Forum Italy - China
Innovation Forum Italy - China
 
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012Black Pearls Community Services, Inc Sponsorship Package - Spring 2012
Black Pearls Community Services, Inc Sponsorship Package - Spring 2012
 
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
 
Plurality Of Elders
Plurality Of EldersPlurality Of Elders
Plurality Of Elders
 
Caffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconCaffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In Toorcon
 
Wireless Intrusion Prevention Systems or WIPS
Wireless Intrusion Prevention Systems or WIPSWireless Intrusion Prevention Systems or WIPS
Wireless Intrusion Prevention Systems or WIPS
 
Wi Fish Finder Defcon 17 Ahmadand Dhyani
Wi Fish Finder Defcon 17 Ahmadand DhyaniWi Fish Finder Defcon 17 Ahmadand Dhyani
Wi Fish Finder Defcon 17 Ahmadand Dhyani
 
Wpa too-hole196-defcon18-presentation
Wpa too-hole196-defcon18-presentationWpa too-hole196-defcon18-presentation
Wpa too-hole196-defcon18-presentation
 
Robert W Self Resume 2009
Robert W Self Resume 2009Robert W Self Resume 2009
Robert W Self Resume 2009
 

Similar to Autoimmunity Disorder in Wireless LANs By Md Sohail Ahmad J V R Murthy, Amit Vartak AirTight Networks

When WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksWhen WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksAirTight Networks
 
Cert0101 HPE6-A42 & HPE6-A70.pdf
Cert0101 HPE6-A42 & HPE6-A70.pdfCert0101 HPE6-A42 & HPE6-A70.pdf
Cert0101 HPE6-A42 & HPE6-A70.pdfAllen Kuo
 
St0 029 question answers
St0 029 question answersSt0 029 question answers
St0 029 question answersMarcoMCervantes
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksDavid Sweigert
 
Attacking backup softwares
Attacking backup softwaresAttacking backup softwares
Attacking backup softwaresNibin Varghese
 
Bank World 2008 Kamens 04 29 08
Bank World 2008 Kamens 04 29 08Bank World 2008 Kamens 04 29 08
Bank World 2008 Kamens 04 29 08kamensm02
 
De-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali LinuxDe-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali LinuxIRJET Journal
 
Dos on 802.11 and other security issues ( Case Study )
Dos on 802.11 and other security issues ( Case Study ) Dos on 802.11 and other security issues ( Case Study )
Dos on 802.11 and other security issues ( Case Study ) Shrobon Biswas
 
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfdjameleddine2015
 
Office Comunnications Server 2007 R2 Poster
Office Comunnications Server 2007 R2 PosterOffice Comunnications Server 2007 R2 Poster
Office Comunnications Server 2007 R2 PosterPaulo Freitas
 
sec19_slides_sivakumaran.pdf
sec19_slides_sivakumaran.pdfsec19_slides_sivakumaran.pdf
sec19_slides_sivakumaran.pdfJasonCravens
 
aGHLecture2_2017.pptx
aGHLecture2_2017.pptxaGHLecture2_2017.pptx
aGHLecture2_2017.pptxRituParna42
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideHai Nguyen
 
Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008abhijitapatil
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
COMMUNICATION IN DISTRIBUTED SYSTEMS
COMMUNICATION IN DISTRIBUTED SYSTEMSCOMMUNICATION IN DISTRIBUTED SYSTEMS
COMMUNICATION IN DISTRIBUTED SYSTEMSSaji banu
 
Web Insecurity And Browser Exploitation
Web Insecurity And Browser ExploitationWeb Insecurity And Browser Exploitation
Web Insecurity And Browser ExploitationMichele Orru'
 

Similar to Autoimmunity Disorder in Wireless LANs By Md Sohail Ahmad J V R Murthy, Amit Vartak AirTight Networks (20)

When WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS AttacksWhen WLANs Launch Self DoS Attacks
When WLANs Launch Self DoS Attacks
 
Cert0101 HPE6-A42 & HPE6-A70.pdf
Cert0101 HPE6-A42 & HPE6-A70.pdfCert0101 HPE6-A42 & HPE6-A70.pdf
Cert0101 HPE6-A42 & HPE6-A70.pdf
 
St0 029 question answers
St0 029 question answersSt0 029 question answers
St0 029 question answers
 
Wireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication AttacksWireless Disassociation and Deauthentication Attacks
Wireless Disassociation and Deauthentication Attacks
 
Attacking backup softwares
Attacking backup softwaresAttacking backup softwares
Attacking backup softwares
 
Bank World 2008 Kamens 04 29 08
Bank World 2008 Kamens 04 29 08Bank World 2008 Kamens 04 29 08
Bank World 2008 Kamens 04 29 08
 
De-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali LinuxDe-Authentication attack on wireless network 802.11i using Kali Linux
De-Authentication attack on wireless network 802.11i using Kali Linux
 
Dos on 802.11 and other security issues ( Case Study )
Dos on 802.11 and other security issues ( Case Study ) Dos on 802.11 and other security issues ( Case Study )
Dos on 802.11 and other security issues ( Case Study )
 
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
 
Office Comunnications Server 2007 R2 Poster
Office Comunnications Server 2007 R2 PosterOffice Comunnications Server 2007 R2 Poster
Office Comunnications Server 2007 R2 Poster
 
Wlan mac-spoof
Wlan mac-spoofWlan mac-spoof
Wlan mac-spoof
 
sec19_slides_sivakumaran.pdf
sec19_slides_sivakumaran.pdfsec19_slides_sivakumaran.pdf
sec19_slides_sivakumaran.pdf
 
aGHLecture2_2017.pptx
aGHLecture2_2017.pptxaGHLecture2_2017.pptx
aGHLecture2_2017.pptx
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
 
Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networks
 
COMMUNICATION IN DISTRIBUTED SYSTEMS
COMMUNICATION IN DISTRIBUTED SYSTEMSCOMMUNICATION IN DISTRIBUTED SYSTEMS
COMMUNICATION IN DISTRIBUTED SYSTEMS
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
Web Insecurity And Browser Exploitation
Web Insecurity And Browser ExploitationWeb Insecurity And Browser Exploitation
Web Insecurity And Browser Exploitation
 
Firewalls
FirewallsFirewalls
Firewalls
 

Recently uploaded

Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

Autoimmunity Disorder in Wireless LANs By Md Sohail Ahmad J V R Murthy, Amit Vartak AirTight Networks

  • 1. Autoimmunity Disorder in Wireless LANs By Md Sohail Ahmad J V R Murthy, Amit Vartak AirTight Networks
  • 2. Biological Systems Vs WLAN Systems: Similarities Immune system foreign bodies Purpose of the immune system is to defend against attacks from germs, viruses & foreign bodies Purpose of WLAN system software is to defend against attacks from intruders and hackers Biological systems Wireless LAN systems Built-in Security software Attacker
  • 3. Autoimmunity Disorder Immune system foreign bodies When immune system mistakenly attacks & destroys healthy body tissues When AP mistakenly attacks and destroys legitimate client connections Biological systems Wireless LAN systems Built-in Security software Attacker
  • 4.
  • 5.
  • 6. Example of Self DoS (1) AP Client Broadcast Disconnection Notification from AP Attacker
  • 7. Result    Multicast MAC as source  Madwifi-0.9.4 driver with Cisco Aironet a/b/g Card  Buffalo Model No-WZR-AG300NH, Firmware ver 1.48 Cisco Model No AIR-AP1232AG-A-K9 Firmware Ver 12.3(8)JEA3 Linksys Model No WRT350N, Firmware Ver 1.0.3.7  DLink, Model No DIR-655, Firmware Ver 1.1 Broadcast MAC as source
  • 8.
  • 9.
  • 10. Result      Authentication    Broadcast MAC as source    Multicast MAC as source    Assoc Request  Madwifi-0.9.4 driver with Cisco Aironet a/b/g Card  Buffalo Model No-WZR-AG300NH, Firmware ver 1.48  Cisco Model No AIR-AP1232AG-A-K9 Firmware Ver 12.3(8)JEA3  Linksys Model No WRT350N, Firmware Ver 1.0.3.7  DLink, Model No DIR-655, Firmware Ver 1.1 Reassoc Req
  • 11. Is Cisco MFP also vulnerable to Self DoS ? Think of Cisco MFP (802.11w) as the latest and greatest immune system which is supposed to make WLANs totally attack resistant.
  • 12. Example: MFP (L)AP MFP Client MFP AP Ignore or Honor Assoc Req Packet ? Client ignores unsolicited Association Response AP has an important decision to make !!! Uprotected “Deauth” ignored by Client Client and AP in Associated state Stimulus:Assoc Req, from Client to AP Attacker Assoc Response Data Deauthentication AP and Client in Deadlock
  • 13. Example: MFP Client MFP Client MFP AP Association dropped at AP Association dropped at Client Client and AP in Associated state Stimulus:Assoc Response, from AP to Client, Status Code Failure Attacker Protected Deauthentication, teardown connection
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.