Wi-Fi protocol open to PDA attacks

A vulnerability in the 802.11 wireless protocol that could allow someone with a PDA to disrupt corporate wireless communications has been discovered by The University of Queensland in Australia.

More and more companies are implementing wireless instead of hard-wired networks to reduce clutter and save installation costs. Microsoft is a prime example - at its UK campus in Reading, employees can only access the intranet and internet using their secure wireless connection.

According to an advisory from AusCert, the Australian Computer Emergency Response Team at the University of Queensland, the vulnerability does not allow an attacker to intercept or modify the data being transferred, but it could threaten the reliability of a corporate network and leave employees without access to online resources.

The attack can be executed using a standard PDA with 802.11 facilities and cause "significant disruption" to all Wi-Fi traffic from access points in a range of around 100 metres.

"Devices within range of the attacking device will be affected. If an access point is within range, all devices associated with that access point are denied service; if an access point is not within range, only those devices within range of the attacking device are denied service," the advisory said.

AusCert said there are no upgrades or defences against the attack because the problem lies in the fundamental implementation of the 802.11 DSSS [Direct-sequence spread spectrum] protocol. Munir Kotadia writes for ZDNet UK