protection against wireless DOS attack
hi everyone,
I own two wireless hotspots and i intend to expand across the town. right now i discovered that a simple
DOS attack can ruin the internet experience for my customers using a an aircrack command like;
Code:
aireplay-ng -0 0 -a (bssid) mon)
truly, i've confirmed this in several tests and apparently the person wouldn't need to even be authenticated to my
network.
now i have a couple of questions;
1. how can i protect my network against such an attack
2. if i don't hide my network ssid, is it still possible for it to be DOS'ed if the person uses a tool like
kismet to see my radio's MAC address
3. will it help if i use 5 ghz radios and connect customers to the hotspot through a 5ghz CPE since laptops
run on 2.4 or is it possible for a 5ghz frequency to also be DOS'ed?
4. is there a way to trace the person who is DOSsing the network (just in case i want to smash his head with a club :) ) ?
i'm really a noob in wireless security and will appreciate any input to help my network as i try to scale
thanks,
max
Re: protection against wireless DOS attack
The deauthentication packets sent by aireplay-ng are based on rules as stated in the IEEE regulations, so all WiFi devices must accept them. I'm not aware of methods to prevent these attacks, but I am no expert. Hiding (or not) the SSID or using the 5GHz band does not change this.
Re: protection against wireless DOS attack
Quote:
Originally Posted by
rastamouse
using the 5GHz band does not change this.
but if the person is going to DOS my network with a laptop i was thinking 5 ghz will be out of reach for him since it will be a 2.4ghz frequency.
how will the person be attacking my 5ghz radio?
Re: protection against wireless DOS attack
Ok, sorry. Assuming the person does not have a card capable of communicating on the 5GHz band, then this is true. I meant to say that the 5GHz band was not immune to this type of attack.
