lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070130225641.GH32304@instant802.com>
Date:	Tue, 30 Jan 2007 14:56:41 -0800
From:	"Jouni Malinen" <jkm@...icescape.com>
To:	Larry Finger <larry.finger@...inger.net>
Cc:	Dan Williams <dcbw@...hat.com>,
	Johannes Berg <johannes@...solutions.net>,
	netdev <netdev@...r.kernel.org>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: Hidden SSID's

On Tue, Jan 30, 2007 at 01:08:29AM -0600, Larry Finger wrote:

> Any AP with a hidden SSID will only respond to probe requests that specify its SSID, and will ignore
> any other probes. In addition, the response will have an empty SSID field. These responses are the
> only ones in which a substitution would occur. These are the same responses where the current code
> sends back the "<hidden>" pseudo-SSID. My change would put the correct one there.

Is the SSID from the probe response really used here? Your patch did not
look like that.. The SSID from the last scan request command may not be
the one that triggered the last scan (e.g., one could request a new scan
without specifying an SSID).

> We aren't guessing. The response frame with the empty SSID field must have come from the AP with the
> SSID we want. Filling in the expected value is just making it easier for the user-space tools.

I don't see how the proposed patch would be using the correct SSID value
in all cases. Especially cases where there are multiple APs using hidden
SSIDs, but with different real SSID values and cases where multiple scan
requests are being processed would be likely to leave windows open for
reporting incorrect SSID.

-- 
Jouni Malinen                                            PGP id EFC895FA
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ