Welcome to WebmasterWorld Guest from 54.226.194.180

Forum Moderators: bill

Message Too Old, No Replies

WiFi Security Flaw

     

engine

11:37 pm on Jan 17, 2006 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



A Microsoft Windows feature that allows PCs to automatically search for Wi-Fi connections could be exploited by hackers. The Wi-Fi feature in question is part of both Windows XP and 2000 and the flaw was reported at a hacker conference over the weekend.

WiFi security flaw [computerweekly.com]

Hanu

12:41 am on Jan 18, 2006 (gmt 0)

10+ Year Member



Does anybody know at which hacker conference this was reported? I find the article too general. I want to understand the implications and would like to read more about it.

Leosghost

1:05 am on Jan 18, 2006 (gmt 0)

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



One site in the hacker world is linking to this article [computerweekly.com]..presumably this link and site is what they are referring to ;)

The site ( which I do not link to due to possible issues with the TOS ) is not a "hacker conference" heh heh "panic stations everyone" ~~:0"dive ..dive! " ..but is a clearing house for various things ..specialising in security and vulnerabilities reporting ..

if you want sticky me ..for the URL ..Hanu read your
mail .)

one cannot be aware of what is said at all the meetings( there aren't many though ) ..there was one ( security meeting )this last weekend ( maybe )in Korea ..maybe someone from the area was there and maybe can say if this was discussed? ..then again the Korean meeting may not have happened yet ..

Setek

9:11 am on Jan 18, 2006 (gmt 0)

10+ Year Member



Does anybody know if Microsoft has released a Security Update yet?

If so, anybody know if there have been any confliction issues with those Intel M chips (the ones with the inbuilt wireless cards?)

I've only recently been having connection issues with my laptop and my AP... only when WPA or WEP is enabled on the AP though - been trying to discover whether a Windows Update was to blame.

If anybody has experienced similar problems and knows of a way to fix it, that would be great :)

madmatt69

9:29 am on Jan 18, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The article says at the bottom:

"As a result of the flaw, security experts have warned companies to make sure their staff use personal firewalls or are using Windows XP Service Pack 2, both of which prevents attacks."

henry0

12:08 pm on Jan 18, 2006 (gmt 0)

WebmasterWorld Senior Member henry0 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I did too read about SP2
So what's the big deal?
If SP2 is known as stopping the attack
And knowing that a vast majority of users run conscientiously or not SP2

MamaDawg

1:26 pm on Jan 18, 2006 (gmt 0)

10+ Year Member



More about this (including links to the article with more detailed information and workarounds) on the securityfocus site...

henry0

1:38 pm on Jan 18, 2006 (gmt 0)

WebmasterWorld Senior Member henry0 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Hmmmm :)
?

Easy_Coder

3:18 pm on Jan 18, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I read the MS Security Response Center Blog daily and those guys haven't made mention of this at all yet.

aleksl

4:50 pm on Jan 18, 2006 (gmt 0)



henry0: So what's the big deal? If SP2 is known as stopping the attack

because MS does not allow to upgrade to SP2 for anyone who has invalid key - and that includes many, many PCs that came with volume licensed XP, OEM installations, partner keys that were on the internet and were invalidated by MS, etc. etc. i.e. in a world outside "US businesses" it is pretty much anyone who didn't purchase XP directly from MS.

Tapolyai

8:21 pm on Jan 18, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The first widely public presentation of this flaw was at ShmooCon.

The flaw is that a WiFi networking in Windows will "remember" the last WiFi network it connected to.

Next time when there is no WiFi network to connect to, it will use the previous WiFi network name, and starts broadcasting it.
(Technically not exact, but trying to keep it simple.)

With that knowledge, and knowing some default settings, an other machine can connect to the target WiFi machine.

Fix? Turn off by default your WiFi network card when not in use.

henry0

8:36 pm on Jan 18, 2006 (gmt 0)

WebmasterWorld Senior Member henry0 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



aleksl
Thanks for the input; understood

rogerd

1:26 pm on Jan 19, 2006 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



>>volume licensed XP, OEM installations, partner keys that were on the internet

Any proper OEM furnishes a valid license key. I've bought many personal PCs and never had a problem. The only people with a bogus license key either bought their PC from a sketchy vendor or knowingly installed bogus Windows. If someone's illegal Windows blows up because of a virus, I don't have a lot of sympathy. The problem, I suppose, is that some worms and trojans might use the large number of illegal installations to spread and/or attack other machines; this would create untold havoc and bad PR for Microsoft, since the vulnerability would be presented in the press as a "Windows flaw", not a "flaw affecting illegal Windows copies".

The guy on the street corner with an overcoat full of watches isn't selling genuine Rolexes, and the spammer who emails you offering to download Windows for $50 isn't selling the real thing either.

J_RaD

9:17 pm on Feb 3, 2006 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



seems like this is an easy fix as already stated.

disable your WiFi card if your not using it.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month