Sorry to jump into the middle of this and I don't have anything to offer
that is even close to the technical level you guys are talking about but for
802.11a/b networks why not just configure an access point with the same SSID
and channel, plant a big ole' antenna (tm) on it and simply over power the
real AP? Not an ongoing DoS but a pretty effictive short term one I would
think.

----- Original Message -----
From: "J Edgar Hoover" <zorchtotally.righteous.net>
To: "Toni Heinonen" <Toni.Heinonenteleware.fi>
Cc: "Meritt James" <meritt_jamesbah.com>; <vuln-devsecurityfocus.com>
Sent: Monday, March 25, 2002 11:02 AM
Subject: RE: Wireless device vulnerability?

> On Mon, 25 Mar 2002, Toni Heinonen wrote:
>
> > In the US and Europe, Bluetooth uses frequencies 2.400 MHz to 2.483,5
> > MHz, with 79 different bands to hop on, each 80 MHz wide or sometimes
> > more. Seeing as you would not try to synchronize your jammer with the
>
> I suspect you mean 2.4000 GHz to 2.4835 GHz.
>
> That's a total of 83.5 Mhz of bandwidth. I fail to see how you can get 79
> *different* bands each 80 MHz wide in an 83.5 MHz space.
>
> > hop sequence, do you think it would really be capable of jamming that
> > whole band? After all, even a square wave won't produce that much of a
> > disturbance to the neighbouring bands. I mean, of course you could
>
> Blotting out a signal is always easier than detecting it. Generating 83.5
> Mhz of noise at 2.4 GHz isn't hard at all.
>
> > build a jammer like that, but wouldn't it cost too much? I mean, I see
> > your point:
>
> Less than $10.
>
> > > It will always be cheaper to DoS a wireless network than it
> > > is to build
> > > it.
> >
> > Of course, the whole idea is that the protective safeguards for a
> > system do not cost more than the protected assets. Seeing as how a
> > Bluetooth chip is supposed to cost 5$ (of course not yet, but probably
> > so after mass production), would it really be possible to build a
> > jamming device of this magnitude for 10$ (the cost of a two-machine
> > Bluetooth network)?
>
> Would it really be possible to build a Bluetooth network for $10? I'll bet
> teleware.fi will never bill $10 for building one.
>
> While not a law of nature, it has been consistently demonstrated that
> wireless networks cost more than the vendor claimed and aren't as reliable
> as the vendor claimed.
>
> Bluetooth is the 'latest and greatest' in a long line of solutions that
> have consistently failed to live up to their claims.
>
> Here's a great example;
>
> Motorola sold a communications system to my state, making the same claims
> you make for bluetooth. It carries Police, Fire, EMS and government voice
> and data traffic. It is used for dispatching, Mobile Data Terminals and
> control of MOSCAD devices such as traffic lights.
>
> It was finished several years late, 200% over budget, and has never
> achieved more than 95% reliability.
>
> Worse, it would cost about $100 to disable this multi-million dollar
> system.
>
> It uses a small number of frequencies in the 800Mhz band for digital
> frequency hopping. The frequencies are fixed, and the PSN is so weak you
> can break it in realtime.
>
> If you're laughing now, sell a similarly scaled Bluetooth solution. By the
> time it is deployed, it will in perspective be as laughable as motorola's
> solution.
>
> > Additionally, you did not comment on my analysis of WLAN/UMTS
> > transmission a la DSSS. Do you have any ideas there?
>
> Plenty. Send specs, a prototype and a check.
>
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]