Vulnerability Development mailing list archives
Re: Wireless device vulnerability?
From: "Bill Pennington" <billp () boarder org>
Date: Mon, 25 Mar 2002 14:14:57 -0800
Sorry to jump into the middle of this and I don't have anything to offer that is even close to the technical level you guys are talking about but for 802.11a/b networks why not just configure an access point with the same SSID and channel, plant a big ole' antenna (tm) on it and simply over power the real AP? Not an ongoing DoS but a pretty effictive short term one I would think. ----- Original Message ----- From: "J Edgar Hoover" <zorch () totally righteous net> To: "Toni Heinonen" <Toni.Heinonen () teleware fi> Cc: "Meritt James" <meritt_james () bah com>; <vuln-dev () securityfocus com> Sent: Monday, March 25, 2002 11:02 AM Subject: RE: Wireless device vulnerability?
On Mon, 25 Mar 2002, Toni Heinonen wrote:In the US and Europe, Bluetooth uses frequencies 2.400 MHz to 2.483,5 MHz, with 79 different bands to hop on, each 80 MHz wide or sometimes more. Seeing as you would not try to synchronize your jammer with theI suspect you mean 2.4000 GHz to 2.4835 GHz. That's a total of 83.5 Mhz of bandwidth. I fail to see how you can get 79 *different* bands each 80 MHz wide in an 83.5 MHz space.hop sequence, do you think it would really be capable of jamming that whole band? After all, even a square wave won't produce that much of a disturbance to the neighbouring bands. I mean, of course you couldBlotting out a signal is always easier than detecting it. Generating 83.5 Mhz of noise at 2.4 GHz isn't hard at all.build a jammer like that, but wouldn't it cost too much? I mean, I see your point:Less than $10.It will always be cheaper to DoS a wireless network than it is to build it.Of course, the whole idea is that the protective safeguards for a system do not cost more than the protected assets. Seeing as how a Bluetooth chip is supposed to cost 5$ (of course not yet, but probably so after mass production), would it really be possible to build a jamming device of this magnitude for 10$ (the cost of a two-machine Bluetooth network)?Would it really be possible to build a Bluetooth network for $10? I'll bet teleware.fi will never bill $10 for building one. While not a law of nature, it has been consistently demonstrated that wireless networks cost more than the vendor claimed and aren't as reliable as the vendor claimed. Bluetooth is the 'latest and greatest' in a long line of solutions that have consistently failed to live up to their claims. Here's a great example; Motorola sold a communications system to my state, making the same claims you make for bluetooth. It carries Police, Fire, EMS and government voice and data traffic. It is used for dispatching, Mobile Data Terminals and control of MOSCAD devices such as traffic lights. It was finished several years late, 200% over budget, and has never achieved more than 95% reliability. Worse, it would cost about $100 to disable this multi-million dollar system. It uses a small number of frequencies in the 800Mhz band for digital frequency hopping. The frequencies are fixed, and the PSN is so weak you can break it in realtime. If you're laughing now, sell a similarly scaled Bluetooth solution. By the time it is deployed, it will in perspective be as laughable as motorola's solution.Additionally, you did not comment on my analysis of WLAN/UMTS transmission a la DSSS. Do you have any ideas there?Plenty. Send specs, a prototype and a check.
Current thread:
- RE: Wireless device vulnerability? Toni Heinonen (Mar 23)
- Re: Wireless device vulnerability? John Lampe (Mar 23)
- RE: Wireless device vulnerability? J Edgar Hoover (Mar 24)
- <Possible follow-ups>
- RE: Wireless device vulnerability? Toni Heinonen (Mar 25)
- RE: Wireless device vulnerability? J Edgar Hoover (Mar 25)
- Re: Wireless device vulnerability? Bill Pennington (Mar 25)
- Re: Wireless device vulnerability? Kurt Seifried (Mar 26)
- RE: Wireless device vulnerability? J Edgar Hoover (Mar 25)
- RE: Wireless device vulnerability? Toni Heinonen (Mar 25)
- RE: Wireless device vulnerability? J Edgar Hoover (Mar 25)
- RE: Wireless device vulnerability? Toni Heinonen (Mar 25)
- RE: Wireless device vulnerability? Toni Heinonen (Mar 26)
- Re: Wireless device vulnerability? John Lampe (Mar 26)