New risks in 802.11n

Security expert identifies emerging wireless vulnerabilities

Along with the potential performance and coverage benefits of 802.11n come a few new security risks, says industry security guru Joshua Wright. Wright presented a Webinar last week that outlined several new vulnerabilities that high-speed 802.11n networks introduce.

Wright, who has spent a decade ferreting out wireless security attacks, is an instructor for the SANS Institute, an information technology watchdog organization that offers information security training, certification and information resources. He's also a senior security researcher at Aruba Networks.

Here are a few 802.11n vulnerabilities he highlighted:

Wireless intrusion detection system (WIDS) gap

If using channel bonding to transmit across 40MHz channels (recommended primarily for the channel-abundant 5GHz band), it will take WIDSs twice as long to scan the frequencies for malicious patterns as it did to scan earlier 20MHz channels. The situation effectively doubles the time a hacker has to penetrate a given frequency until the scanner makes its way around to that frequency again - from about 4 seconds to about 8 seconds, Wright says.

Viewed another way, in a 20MHz channel, an attack must last about 4 seconds to be detected; in a 40MHz channel, it has to last 8 seconds. What kind of attack could be mounted in 4 to 8 seconds? "Mostly driver exploits [see below], which are 1- or 2-packet attacks," says Wright.

Driver exploits

Wright says there is "lots of vulnerable code out there driven by the [industry] frenzy to get 802.11n into the hands of users. When you have a driver vulnerability, a hacker can gain administrative access."

Of possible help here is a free tool from Aruba called the WiFi Driver Enumerator (WiFiDEnum). Using a database of known wireless vulnerabilities, WiFiDEnum assesses the versions of installed drivers and produces a vulnerability report, identifying systems and specific drivers that are at risk to wireless driver exploit attacks.

No protection yet for "block" acknowledgements (ACK)

IEEE 802.11n introduces a mechanism to acknowledge a block of packets, instead of individual packets, identified by a beginning and ending sequence identifier. "This block ACK mechanism is not protected; any attacker can spoof one of these messages and create an obscenely large window within which frames can be sent with no ACK," thereby creating an 802.11n denial-of-service vulnerability, says Wright. At this juncture, "There is no fix for this mechanism," he says.

Josh Wright is senior security architect for Aruba Networks

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Joanie Wexler

Network World
Show Comments





Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?