Full Disclosure mailing list archives

RE: (AUSCERT AA-2004.02) AUSCERT Advisory - Den ial of Service Vulnerability in IEEE 802.11 Wireless Devices (fwd)

From: "Ng, Kenneth (US)" <kenng () kpmg com>
Date: Thu, 13 May 2004 12:36:18 -0400

I've been around long enough to remember having an AUI NIC that would take
down a segment even when the NIC WAS NOT PLUGGED INTO THE PC.  Suspicion was
that there was a short in the transceiver that was causing massive
reflections back into the segment.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of
Valdis.Kletnieks () vt edu
Sent: Thursday, May 13, 2004 11:21 AM
To: Sean Batt
Cc: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] (AUSCERT AA-2004.02) AUSCERT Advisory -
Denial of Service Vulnerability in IEEE 802.11 Wireless Devices (fwd) 


On Thu, 13 May 2004 15:22:19 +1000, Sean Batt <sean () coombs anu edu au>
said:

===========================================================================

AA-2004.02                     AUSCERT Advisory

      Denial of Service Vulnerability in IEEE 802.11 Wireless Devices
                                13 May 2004

....

      The vulnerability is related to the medium access control (MAC)
      function of the IEEE 802.11 protocol.  WLAN devices perform Carrier
      Sense Multiple Access with Collision Avoidance (CSMA/CA), which

"Protocols that work by listening for silence to know when it's OK to
start sending will lock up if something transmits continuous non-silence".
Am I the only person around who's been in this business long enough to
remember
how one jabbering transciever can take down an entire Ethernet thinwire or
thickwire segment??
This is right up there with the recent "Wow, RFC793 says an RST only has
to be in the window, not right on it" TCP "hole".


*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized. 

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.         
*****************************************************************************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: (AUSCERT AA-2004.02) AUSCERT Advisory - Den ial of Service Vulnerability in IEEE 802.11 Wireless Devices (fwd) Ng, Kenneth (US) (May 13)
- Re: (AUSCERT AA-2004.02) AUSCERT Advisory - Den ial of Service Vulnerability in IEEE 802.11 Wireless Devices (fwd) Valdis . Kletnieks (May 13)
- Re: (AUSCERT AA-2004.02) AUSCERT Advisory - Denial of Service Vulnerability in IEEE 802.11 Wireless Devices (fwd) Exibar (May 13)
- Re: (AUSCERT AA-2004.02) AUSCERT Advisory - Den ial of Service Vulnerability in IEEE 802.11 Wireless Devices (fwd) Seth Alan Woolley (May 13)
  - Re: (AUSCERT AA-2004.02) AUSCERT Advisory - Den ial of Service Vulnerability in IEEE 802.11 Wireless Devices (fwd) Phil Brutsche (May 13)