Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Protect against wireless driver flaws

the latest wireless risk explained.

Article comments

One of the talks announced for the Black Hat conference this summer in Las Vegas is about 802.11 driver vulnerabilities, which can affect users even if they aren't connected to a network.

All modern operating systems, such as Linux, BSD, Windows, and Mac OSX, have a similar fundamental security measure: the separation of kernel and user code. The kernel is the core of the operating system and controls processes, disk access, and hardware access. While programs are typically prevented from accessing the memory of other programs or directly controlling the hardware, the kernel has no such restrictions.

Vulnerabilities at the kernel layer are especially dangerous. Operating in the kernel, malicious code has complete control of the system. So-called "root kits" can alter the kernel to hide files from anti-virus scanners, hide running programs from the user, and capture input from the mouse or keyboard. Root kits have become an increasing risk with malicious software.

Drivers - remote data at kernel level
Device drivers function at the kernel level. Network device drivers are especially at risk as they handle remote data, which cannot be trusted. Any bugs in the code that handle remote packets can lead to system crashes, or worse, code execution at the kernel layer.

Remote driver bugs have typically been rare and can be quickly fixed once the vendor is notified. Kernel-layer bugs are very difficult to defend against without a vendor update. Antiviral software typically operates outside of the kernel, and firewall software can prevent connections on TCP/IP ports but not vulnerabilities at the wireless layer. 802.11 management packets contain no IP traffic data and are not passed to the wireless layer, but a flaw in the driver's handling of the management contents could lead to an exploitable vulnerability.

Many methods can be used to find vulnerabilities. The method du jour is "fuzzing." A fuzzer is a smart brute-force algorithm that provides enough structure to generate a packet that appears valid, but the contents of the fields are filled with iteratively randomised data. Fuzzing is not limited to wireless protocols; it has been a valuable technique for testing software responses to different types of invalid data for in-house developers and security researchers.

How to minimise the risks
Fortunately, the risks of bugs in wireless drivers can be minimised. The window of exposure is extremely limited. Unlike someone attacking an Internet server, the attacker must be within radio range of the victim. Always run the latest version of the drivers for your wireless card, as they may contain fixes for vulnerabilities such as these.

The ultimate protection? Turn off your wireless card when you aren't using the network.

Mike Kershaw is author of Kismet, a popular open-source project for 802.11 wireless network detection, sniffing, and intrusion detection as well as an editorial board member of the WVE. This article appeared in Network World.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *