
RE: [LinkSec] http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf




It is a DoS threat - depending on what service it denies. Awareness of
such is essential to deciding relative merits of service-implementations
(such as location-based or e911).

However, 802.11i-enabled WLAN roaming offers replay-protection.

-mani
> -----Original Message-----
> From: owner-stds-802-linksec@majordomo.ieee.org
> [mailto:owner-stds-802-linksec@majordomo.ieee.org] On Behalf Of Mick Seaman
> Sent: Friday, January 03, 2003 8:33 AM
> To: stds-802-linksec@ieee.org
> Subject: RE: [LinkSec]
> http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf
> 
> I think that the threat that Joshua mentions is another DoS threat, no
> more.
> 
> Mick
> 
> > -----Original Message-----
> > From: owner-stds-802-linksec@majordomo.ieee.org
> > [mailto:owner-stds-802-linksec@majordomo.ieee.org]On Behalf Of Mani,
> > Mahalingam (Mahalingam)
> > Sent: Thursday, January 02, 2003 7:05 PM
> > To: Joshua Zhao; mick_seaman@ieee.org; stds-802-linksec@ieee.org
> > Subject: RE: [LinkSec]
> > http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf
> >
> >
> >
> > That's a valid threat.
> >
> > Is such a threat a concern for just the window of time that 'older'
> > bridge takes to age its controlled port closed in the absence of a
> > dissociate?
> >
> > -mani
> > > -----Original Message-----
> > > From: Joshua Zhao [mailto:jzhao@cranite.com]
> > > Sent: Thursday, January 02, 2003 6:34 PM
> > > To: mick_seaman@ieee.org; stds-802-linksec@ieee.org
> > > Subject: RE: [LinkSec]
> > > http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf
> > >
> > >
> > > I just want to comment on the potential threat that replays can pose.
> > >
> > > Lack of replay attack can potentially be a detriment to support for
> > > roaming. In case that the bridges use the arriving of legitimate
> > > frames from a certain station on a given port to infer the current
> > > attachment point of the station, replays at an access point other
> > > than the station's current point of attachment can potentially
> > > mislead the system as to the whereabouts of the station. This could
> > > be a serious threat.
> > >
> > > Regards,
> > >
> > > Joshua
> > > Scientist
> > > Cranite Systems, Inc.
> > > 6620 Via Del Oro
> > > San Jose, California 95119
> > >
> > > > -----Original Message-----
> > > > From: Mick Seaman [mailto:mick_seaman@ieee.org]
> > > > Sent: Thursday, January 02, 2003 1:23 PM
> > > > To: stds-802-linksec@ieee.org
> > > > Subject: RE: [LinkSec]
> > > > http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf
> > > >
> > > >
> > > > Russ,
> > > >
> > > > Thanks for the comments.
> > > >
> > > > On the subject of replay you are right, generally I am not
> > > > concerned about replay being used to subvert a service for which
> > > > most critical communication is using an
> > > > ordering/sequencing/duplicate suppression protocol on top.
> > > > However I would like to understand more about the threat that
> > > > replay could pose at this layer, my imagination is not doing a
> > > > great job on this subject so any examples (other than ones that
> > > > simply result in denial of service) would help.
> > > >
> > [...]
> >
> >
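
The concern discussed in this thread, that bridges which infer a station's attachment point from arriving frames can be misled by a replayed frame, modeled as an added example that is not part of any message in the thread. The class, the access point and station names, and the single per-station packet number shared across access points are assumptions made for illustration; the trace is constructed.

```python
class LearningBridge:
    """Toy model (assumption): one shared table of station -> attachment point."""

    def __init__(self, replay_protection):
        self.replay_protection = replay_protection
        self.location = {}    # station -> AP where the last accepted frame arrived
        self.highest_pn = {}  # station -> highest packet number accepted so far

    def receive(self, ap, station, pn):
        """Handle a frame that already passed its integrity check.

        Returns True if the frame is accepted and the location is (re)learned.
        """
        last = self.highest_pn.get(station, -1)
        if self.replay_protection and pn <= last:
            # Packet number is not fresh: drop the frame and, importantly,
            # do not update the learned attachment point.
            return False
        self.highest_pn[station] = max(pn, last)
        self.location[station] = ap
        return True


def run(replay_protection):
    """Feed the constructed trace to a bridge; return (final location, decisions)."""
    bridge = LearningBridge(replay_protection)
    # Constructed trace: (arrival AP, station, packet number)
    trace = [
        ("AP-1", "sta-A", 1),
        ("AP-1", "sta-A", 2),
        ("AP-2", "sta-A", 3),  # station roams to AP-2
        ("AP-2", "sta-A", 4),
        ("AP-1", "sta-A", 2),  # copy of an earlier frame arrives at AP-1 again
    ]
    accepted = [bridge.receive(*frame) for frame in trace]
    return bridge.location["sta-A"], accepted


if __name__ == "__main__":
    for enabled in (False, True):
        where, decisions = run(enabled)
        print(f"replay_protection={enabled}: sta-A learned at {where}, {decisions}")
```

Without the freshness check the table ends up pointing at the access point the station has already left; with it, the stale frame is dropped before it can affect learning.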