desparately seeking

Matt lbo at beyondzero.net
Tue Aug 20 14:49:33 PDT 2002


On Tue, Aug 20, 2002 at 04:57:11PM -0400, Kelley wrote:
> I'm desperately searching my hard drive and the Web looking for the name of
> an ATTACK TOOL that exploits the Extensible Authentication Protocol in
> order to perform a DoS attack.
>
> I swear to St. Karl that I read about this last month or maybe June, but I
> can find nothing. nada. zip. zilch!
>
> Anyone have any klew? I know, weird place to look, but there are enough
> geeks around this joint and I'm desparate because I need it to finish up an
> article I'm writing! BAH! Deadlines.

IIRC EAP doesn't authenticate the logoff communication's frame. You may know that already, if not, perhaps that might help the search.

Mike Shiffman from @Stake has a tool called Omerta that spoofs disconnects of an 802.11b client to the AP, which causes a DoS if the attacker has enough db in his antenna. Maybe not relevant but with the current 802.1X + EAP hype and his recent demo of the tool at Blackhat maybe it is that of which you are thinking?

HTH,

Matt

-- PGP RSA Key ID: 0x1F6A4471 aim: beyondzero123 PGP DH/DSS Key ID: 0xAFF35DF2 icq: 120941588

yahoo msg: beyondzero123 I want peace on earth and good will toward men.

-Erwin "Whistler" Emory We are the United States Government. We don't do that sort of thing.

-Bernard Abbott



More information about the lbo-talk mailing list