- Worst of the lot: PCConnection and PCMall
- 10 ways the Chinese Internet is different
- Hacker writes rootkit for Cisco's routers
- Cisco loses $2 million order to Nortel
- Enterasys, Extreme hooking up?
Rss FeedQ&A: Firetide CEO Bo Larsson. Listen now!
Wireless mesh standard gets boost; New BlackBerry debuts. Listen now!
Learn how network-wide routing and CoS traffic visibility can help ensure your CoS traffic and converged IP service delivery
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
IT professionals like the idea of consolidating hundreds of servers into only a few, but it takes a lot more to cost effectively consolidate and virtualize servers. Watch this six-chapter webcast, "Reduce Complexity and Cost - Windows Server Consolidation with Virtualization" to learn how to effectively consolidate your Windows environment. One of the themes explored includes the characteristics of an orchestrated data center, which includes: Resource management, dynamic provisioning, job management, policy management, accounting and auditing and real-time availability. Learn more about orchestration and much more today. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
f**k.me, bang.me, suck.me, etc. etc...- Anonymous
Since the ratification of the IEEE 802.11i amendment, organizations have been able to take advantage of improved security on wireless networks with WPA2-compliant hardware. However, the protection currently afforded to administrators only applies to data traffic and does not provide any protection for management or control operations on wireless networks.
Enter the IEEE 802.11w Task Group (TG). Approved as an IEEE 802.11 TG in March 2005, TGw is chartered to improve the security of wireless networks by protecting management frames. As other wireless working groups extend the functionality of management frames to include sensitive information including radio resource data, location-based identifiers, and fast-roaming information, it becomes clear that security in wireless networks needs to be extended to management frames as well as data frames.
The IEEE 802.11w TG has several challenges to overcome, however. To protect the confidentiality of management traffic, IEEE 802.11w assumes that the client and the access point have exchanged dynamic key content. This precludes the protection of any management frames prior to the delivery of key content, thus exposing network name (SSID) information and other capability information needed for clients to connect to the network. Maintaining backward compatibility for future non-IEEE 802.11w-compliant wireless devices will also be challenging for organizations, limiting the protection afforded by 802.11w until all hardware has been upgraded to support the required functionality.
A TGw solution that can identify spoofed management frames can disregard some malicious traffic used to launch DoS attacks against the network, such as a deauthenticate flood attack. However, mitigating DoS attacks is not the goal of the TG, and appropriately so; even if the AP and client can identify malicious management frames, 802.11w can never mitigate the effectiveness of RF-jamming attacks. Furthermore, the IEEE 802.11w TG has not indicated it intends to provide protection for control frames on the wireless network. Without protection, the attacker can to choose from a variety of DoS attacks that exploit various wireless-medium control techniques.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
