cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

Wifi and FRAGAttacks

Right.  You might want to pay attention to this one, since it's inherent in the protocol ("Come and see the insecurity inherent in the system!"), and affects pretty much every version and implementation of wifi.

 

It's called FRAGAttacks (FRagmentation and AGgregation attacks).  It's not a single vulnerability, but lots of them.

 

The issues.

 

Twelve specific flaws.

 

https://thehackernews.com/2021/05/nearly-all-wifi-devices-are-vulnerable.html

 

(Shades of 5G ...)


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
4 Replies
alekos
Newcomer II

Re: Wifi and FRAGAttacks

Great post! I was not aware of this vulnerability in WiFi. Apparently WiFi aggregates frames into larger ones to improve efficiency. In order for the receiving system to know if the frame is aggregated there is a flag in the header that is either set to true or false. The problem is that this flag can be manipulated. By setting the flag of a non aggregated frame to true, malicious frames could be aggregated to this frame.
Thanks again for posting this, it was the most interesting thing I learned today.

Alex
Steve-Wilme
Advocate I

Re: Wifi and FRAGAttacks

Saw this on hackernews and thought oh no not again!  

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
rslade
Influencer II

Re: Wifi and FRAGAttacks

> alekos (Newcomer II) posted a new reply in Industry News on 05-12-2021 11:46 PM

> Thanks again for posting this, it was
> the most interesting thing I learned today.

Thank you for those kinds words, and quite welcome. Always happy to help.

(In other news, the latest report on the Colonial pipeline issue that I have heard
(but not yet been able to verify) is that the ransomware attack is *not* what shut
it down: Colonial ceased pumping because of concerns that they wouldn't be able
to *BILL* customers properly ...)

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 978-0-367-68269-9
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
rslade
Influencer II

Re: Wifi and FRAGAttacks

> Steve-Wilme (Advocate I) posted a new reply in Industry News on 05-13-2021 01:14

> Saw this on hackernews and thought oh no not again!

Teardrop lives!

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 978-0-367-68269-9
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468