joeschuh
join:2000-10-02
Englewood, OH
1 edit | Fall 2007?
Although it seems the attack would have to be a local attack I'm surprised that they are going to wait until fall of 2007. I'm sure the curious will be trying to exploit this for fun in public places where laptops are open and not connected to an AP. |
|
nivago
Think For Yourself
join:2000-11-16
Little Rock, AR | Be heard
Maybe, if we all scream loud enough, it will shame microsoft into an early release a la wmf patch. |
|
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| said by nivago  :Maybe, if we all scream loud enough, it will shame microsoft into an early release a la wmf patch. This is easy to fix yourself; the WMF vulnerability was not.
Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site |
|
pnh102
Reptiles Are Cuddly And Pretty
Premium
join:2002-05-02
Mount Airy, MD | Go back to old way of finding wireless networks!
I still can't stand XP SP2's interface for finding wireless networks. The old way was much more straightforward.
--
Rove / Rumsfeld 2008! |
|
hayabusa3303
Over 200 mph
Premium
join:2005-06-29
clubs:
 ·QuantumVoice
 ·AT&T Southeast
 ·RoadRunner Cable
| Joke
Fall 2007 sounds like a Service pack 3 to be release than anything. With Vista coming out MS needs to get on the ball and quit playing around.
Ms cant figure out why people and some governments are switching to linux  hummmmmmm |
|
joeschuh
join:2000-10-02
Englewood, OH
| Consumers
I liken it to Network Associated Virus scan.... The enterprise version is straight forward and simple for someone who knows what they are doing to use (hell -- there isn't that much really)... The consumer version of McAffe (sp?) has so much crap to wade through even I have a hard time finding what I want sometimes.
I guess it's their effor to make it easy by making it harder. |
|
a
| reply to joeschuh
Re: Fall 2007?
no problem's here with wi-fi. |
|
MiloMindbend
join:2001-01-18
Jeannette, PA
| Not much of a flaw
The way I read it, the only thing that MS' implementation is doing wrong is looking for ad-hoc instead of infrastructure mode associations. Take that away, and unless you were using WPA or WPA2 (for mutual authentication), you can still suffer the same results. All the attacker needs to do is pull the SSID from the probe requests your client radio is sending and set up a soft access point advertising that SSID (see all the noise last year about "rogue APs"). The only thing they can fix without breaking the way 802.11 networking works is whether the attacker can use off-the-shelf ad-hoc functionality or he has to know a tiny little bit about how to set up an access point.
Either way, if you wander around with your device's WiFi adapter enabled, you can be providing a network connection to your device (again, unless it was configured to only use WPA or some other mutual-authentication scheme).
(Oh, and all the stuff about "getting a local address"? That's just the autoconf link-local addressing, and it has _nothing_ to do with WiFi. The attacker could just as easily provide DHCP on his soft-AP or ad-hoc peer, and the attackee would obtain an address from that and you'd still have connectivity.) |
|
RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11 | reply to Steve
Re: Be heard
"MessageLabs believes users running Windows XP Service Pack 2 (SP2) are not at risk."
Looks like it is already fixed...
--
Toolmaster of La Grange. |
|
Ammler
Premium
join:2005-04-19
Pittsburgh, PA | reply to joeschuh
Re: Fall 2007?
I would think that is someone is using a Laptop and not using the WiFi radio, they would have it turned off anyway. Using WiFi on my Lappy results in an additional 25 to 40% drain on my battery depending upon what I'm doing. YMMV |
|
tquade
join:2000-10-14
Regina, SK
| SP2 fix
Network Connections > Wireless Network Connection > Properties > Wireless Networks > Advanced >
select "Access point (infrastructure) networks only"
clear "Automatically connect to non-preferred networks"
SP1 folks are out of luck. |
|
MiloMindbend
join:2001-01-18
Jeannette, PA
| This really doesn't reduce the "vulnerability" much at all, though. If your WiFi adapter is not turned off, it's still going to send probe requests that include the SSID you're trying to join. All I have to do as an attacker is run an access point (note: I can build an AP out of a standard notebook running Linux or BSD -- it doesn't have to be a dedicated piece of hardware) with that SSID, and you'll still associate to my rogue network. You'll still get the same type of link-local address (unless I'm running a DHCP server), because that's IP functionality that's independent of the WiFi transport layer. I've still got IP-level connectivity to your computer. There really isn't much difference between the two cases.
If you don't want to expose your machine, turn the WiFi adapter _off_ when you're not deliberately using it, or at least make sure you've only been using authenticated networks. |
|
Prius
@cavtel.net
| reply to pnh102
Re: Go back to old way of finding wireless networks!
Straightforward? XP SP2 has a much better and improved native interface for wireless cards. With the pre SP2 way, there was so much headache that I would disable windows native control and use the card's client utility to configure it. I still use the client utility on my personal system, but for all the other machines that I fix, I upgrade to SP2 (if not SP2 already) and let windows control the wifi. Much easier for both me and the other person involved. |
|
HardwareGeek
join:2003-11-15
Brooklyn, NY
| blah
wow when people don't secure their router it's the persons fault but since it's their computer they bitch at Microsoft.
Does the same problem happen in Linux? Why no bitching at the Open source community. I know when I try to connect to a network on my iBook and it fails I am switched to adhoc mode. So the flaw kind of exist in OSX as well.
--
Email/MSN: Michael at hardwaregeeks.comAIM: MikeR35292 |
|
noone1
join:2004-06-04
Nashua, NH | reply to joeschuh
Re: Fall 2007?
This is a new flaw? Im sorry, but my company discovered and documented this flaw ... two and a half years ago. This is way old news and this security company is way behind the times. |
|
WirelessMajr
Premium
join:2005-08-03
College Place, WA | reply to HardwareGeek
Re: blah
Most of the people using *nix are smart enough to know what they are doing. That, and M$ controls the market share for OS. |
|
