Simple wireless flaw revealed

A simple feature in the way Windows handles wireless connections could be exploited to gain access, according to information released this weekend at ShmooCon. A document on nmrc.org by Mark Loveless explains the process ( http://www.nmrc.org/pub/advise/20060114.txt ), which despite being quite simple may have implications for many wireless users.


The issue involves ad-hoc wireless connections, which are automatically created when the laptop is powered up and no infrastructure access points are available. The laptop in question assigns a private address in the 169.254.x.x space, and an SSID mimicking the last network it successfully connected to.


When a second computer comes within range, it may watch for the broadcast SSID of the first laptop and set its SSID to match, creating a local network setup, according to a posting by Brian Krebs.


The caveat? Read in SecurityFocus –> http://www.securityfocus.com/brief/104

Leave a Reply