AP modifications

  • AP modifications can violate the 802.11 specification; on the other hand, they prevent DEAUTH DoS attacks

  • A suitable timeout (e.g. 10 seconds) before executing management frames (DEAUTH, DISAS, ...) can be implemented; this is effective against the wlan_jack DoS attack

  • Integrating an IDS into the AP can considerably increase security at the link layer (layer 2), e.g. Snort-Wireless in OpenWRT. Requirements for the IDS in the AP:

    • The IDS has to keep watching a wireless client's sequence numbers even if the client roams out of range of the AP for a short period and then comes back. If the client is away for a long period, the IDS has to invalidate its sequence numbers.

    • Sequence numbers sometimes jump to a higher value when the sending/receiving channel alternates, or are set to zero if the firmware drops a damaged frame or the PCMCIA bus is reinitialized
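
The sequence-number requirements above, as an added example (not from the original page and not Snort-Wireless code): a per-client tracker that keeps state across a short absence, invalidates it after a long one, tolerates forward jumps and resets to zero, and flags anything else. The thresholds MAX_GAP, RESET_MAX and STATE_TTL, the class and function names, and the sample frames are assumptions.

```python
SEQ_MOD = 4096      # 802.11 sequence numbers are 12 bits wide
MAX_GAP = 64        # assumed: largest forward jump still treated as benign
RESET_MAX = 2       # assumed: a restarted counter begins at 0..RESET_MAX
STATE_TTL = 300.0   # assumed: seconds of silence before state is invalidated


class SeqMonitor:
    """Tracks the last sequence number seen per transmitter MAC."""

    def __init__(self, max_gap=MAX_GAP, reset_max=RESET_MAX, ttl=STATE_TTL):
        self.max_gap, self.reset_max, self.ttl = max_gap, reset_max, ttl
        self.state = {}  # MAC -> (last_seq, last_seen)

    def observe(self, mac, seq, now):
        """Classify one frame as 'new', 'ok', 'reset' or 'suspect'."""
        prev = self.state.get(mac)
        if prev is None or now - prev[1] > self.ttl:
            # First sighting, or away for a long period: old numbers are invalid.
            self.state[mac] = (seq, now)
            return "new"
        gap = (seq - prev[0]) % SEQ_MOD   # modular, so 4095 -> 0 is a gap of 1
        if gap <= self.max_gap:
            verdict = "ok"                # retransmission (0) or tolerated jump
        elif seq <= self.reset_max:
            verdict = "reset"             # counter restarted near zero
        else:
            # Likely a second transmitter using this MAC. Keep the old state so
            # the genuine client's next frame still lines up.
            return "suspect"
        self.state[mac] = (seq, now)
        return verdict


# Constructed sample: (time in seconds, sequence number) for one client MAC.
CLIENT = "02:00:00:00:00:01"
FRAMES = [(0.0, 100), (0.1, 101), (0.2, 130), (0.3, 2900), (0.4, 131),
          (0.5, 0), (0.6, 1), (30.0, 40), (1000.0, 3000)]


def classify(frames, mac=CLIENT):
    mon = SeqMonitor()
    return [mon.observe(mac, seq, t) for t, seq in frames]


if __name__ == "__main__":
    for (t, seq), verdict in zip(FRAMES, classify(FRAMES)):
        print(f"{t:7.1f}s seq={seq:4d} {verdict}")
```

A forged frame numbered near zero is accepted as a reset, but when the genuine client's counter is more than MAX_GAP past zero its next frame falls outside the tolerated gap and is flagged.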