If this is the case, then there is really no recourse other than to physically locate and confront the attacker.įor use of unlicensed band spectrum (such as 802.11b/g and 802.11a) to be legal according to the FCC, the transmit power used on the unlicensed spectrum must be below certain transmit power levels (100mW for 802.11b/g, and varying according to channel for 802.11a). Selecting a new channel does not automatically turn the jamming attack into a non-issue - a clever attacker will use all available channels in the jamming attack. With 802.11a, there are many more alternative channels that can be selected. In 802.11b, for instance, if the attack was being made on the frequency corresponding to channel 1, the access point should automatically change to channel 6 or channel 11 to work around the attack. The next step is for the access point to dynamically and automatically reconfigure its transmit channel in reaction to the jamming attack, as identified by the change in physical layer and 802.11 layer transmission and reception characteristics. The network management system of the WLAN should be able to alert the administrator to the locations of the access points that are experiencing excessive retransmissions and receive errors. The RF jamming attack will also make itself known at the 802.11 MAC layer, because the transmission error rate and the receive error rate for the access point will be increased since 802.11 will require multiple retransmissions due to the increased noise floor. The degraded signal noise ratio should also be measurable from the access point, and the network management capabilities of your WLAN system should support reporting of noise floor levels that exceed a preset threshold, as well as reporting degradation of signal-to-noise ratio. The increased noise floor will result in a degraded signal-to-noise ratio as measured at the client. An RF jamming attack will be characterized at the physical layer by an increased noise floor on the RFs used to mount the attack. To minimize the potential impact of a non-worst case jamming attack, first identify the presence of the attack. In the worst case, it is impossible to defend against a radio jamming attack, because a clever attacker will jam all frequencies for both 802.11a and 802.11b/g. This attack can be mounted with off-the-shelf hardware from any mass-market consumer electronics retailer and free software downloaded from the Internet. If someone really wanted to disrupt your WLAN network, it would be far easier to launch an attack by sending periodic deauthenticated packets to all the wireless stations in the network. Regardless of the type or intent of interference, your wireless network must be able to detect, react and adjust to it accordingly. Advanced systems can prevent unauthorized attacking devices from accessing the system, modify configurations to maintain performance in presence of threats, track or 'blacklist' these threats, and find the physical location of rogue devices for rapid containment. At a minimum, these systems should detect an unauthorized client device or "rogue access point" in the presence of your wireless network. If your concern is malicious jamming, you should look into wireless prevention and detection functionality. The best way to combat the various forms of interference is to invest in a newer generation of WLAN systems that have real-time RF management, which can identify and adapt to interference. Older generations of WLANs are not effectively equipped to adapt to various forms of interference, and require an administrator to adjust channel and power on each access point manually through trial and error. This interference comes from a variety of sources, ranging from other legitimate 802.11 networks to noise from Bluetooth devices or microwaves. Most WLANs are open to all different kinds of interference, as the majority of non-proprietary wireless networking products available today follow 802.11 standards, which operate in the unlicensed 2.4 and 5.2 GHz bands. This can be as innocent as noise or interference on the same channels that are delivering WLAN service, or a direct attack on your RF domain launched from a malicious individual. Because RF is an open medium, “jamming” can be an issue.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |