Countering rogues in wireless networks

Wired networks are prone to the same attacks as wireless ones, including sniffing, spoofing and man-in-the-middle attacks (MITM). In this paper we show how wireless networks are particularly vulnerable to a simple MITM that can make even rudimentary Web surfing dangerous. We describe how we performed the attack and its ramifications. We argue why it is essential to have a VPN tunnel from the client to some trusted host (not access point) in order to avoid being compromised.

[1]  Joshua Wright,et al.  Detecting Wireless LAN MAC Address Spoofing , 2003 .

[2]  William A. Arbaugh,et al.  An Initial Security Analysis of the IEEE 802.1X Standard , 2002 .

[3]  Brian Hatch,et al.  Building Linux Virtual Private Networks (Vpns) , 2002 .

[4]  John Ioannidis,et al.  Using the Fluhrer, Mantin, and Shamir Attack to Break WEP , 2002, NDSS.

[5]  David R. Cheriton,et al.  DoS and authentication in wireless public access networks , 2002, WiSE '02.

[6]  Paramvir Bahl,et al.  Secure wireless Internet access in public places , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[7]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[8]  Partha Dasgupta,et al.  Secure wireless gateway , 2002, WiSE '02.