topic Re: Wifi and FRAGAttacks in Industry News

Wifi and FRAGAttacks

rslade — Wed, 12 May 2021 22:38:37 GMT

Right. You might want to pay attention to this one, since it's inherent in the protocol ("Come and see the insecurity inherent in the system!"), and affects pretty much every version and implementation of wifi.

It's called FRAGAttacks (FRagmentation and AGgregation attacks). It's not a single vulnerability, but lots of them.

The issues.

Twelve specific flaws.

https://thehackernews.com/2021/05/nearly-all-wifi-devices-are-vulnerable.html

(Shades of 5G ...)

Re: Wifi and FRAGAttacks

alekos — Thu, 13 May 2021 03:46:39 GMT

Great post! I was not aware of this vulnerability in WiFi. Apparently WiFi aggregates frames into larger ones to improve efficiency. In order for the receiving system to know if the frame is aggregated there is a flag in the header that is either set to true or false. The problem is that this flag can be manipulated. By setting the flag of a non aggregated frame to true, malicious frames could be aggregated to this frame.
Thanks again for posting this, it was the most interesting thing I learned today.

Alex

Re: Wifi and FRAGAttacks

Steve-Wilme — Thu, 13 May 2021 17:14:43 GMT

Saw this on hackernews and thought oh no not again!

Re: Wifi and FRAGAttacks

rslade — Thu, 13 May 2021 17:17:30 GMT

> alekos (Newcomer II) posted a new reply in Industry News on 05-12-2021 11:46 PM

> Thanks again for posting this, it was
> the most interesting thing I learned today.

Thank you for those kinds words, and quite welcome. Always happy to help.

(In other news, the latest report on the Colonial pipeline issue that I have heard
(but not yet been able to verify) is that the ransomware attack is *not* what shut
it down: Colonial ceased pumping because of concerns that they wouldn't be able
to *BILL* customers properly ...)

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 978-0-367-68269-9
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

Re: Wifi and FRAGAttacks

rslade — Thu, 13 May 2021 17:46:30 GMT

> Steve-Wilme (Advocate I) posted a new reply in Industry News on 05-13-2021 01:14

> Saw this on hackernews and thought oh no not again!

Teardrop lives!

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 978-0-367-68269-9
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/