View Single Post
  #57   Spotlight this post!  
Unread 13-07-2012, 20:02
kjohnson's Avatar
kjohnson kjohnson is offline
Insert Clever Title Here
AKA: Kyle J.
FRC #1610 (BOT)
Team Role: Mentor
 
Join Date: Jan 2004
Rookie Year: 2004
Location: Virginia
Posts: 575
kjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond reputekjohnson has a reputation beyond repute
Re: [FRC Blog] Einstein Report Released

Quote:
Originally Posted by techhelpbb View Post
Additionally the FIRST report oddly doesn't discuss that the AirTight hardware did not produce for them sufficient warning of this issue or whether they consider that something they need to pursue (it was the assumption that this additional monitoring was sufficient to keep intentional interference from happening at all).
I know the report is long, but I urge everyone who wants to make a statement about the report read the entire report first. There have already been multiple posts in this thread containing false assumptions.

Quote:
Originally Posted by Denial-Of-Service Attacks p.10-11
...
The AirTight system successfully detected and flagged this test as a “Denial of Service Attack” event.
...
The next tests involved targeting the attack at the specific client (the robot radio) and throttling the rate at which the tool sent the de-authentication packets. These attacks were also successful at disrupting the communication, but were able to elude detection by the AirTight sensor. Further investigation into the thresholds for classifying an event of this type in the AirTight system revealed a minimum of 8 directed or 4 broadcast de-authentication packets per second for a minimum of 90 seconds must be detected for the AirTight system to flag and classify a denial of service event. FIRST has determined that these thresholds provide insufficient protection for the FRC wireless use case.
Quote:
Originally Posted by Next Steps, p.23
A number of solutions to the network susceptibility to a “De-Auth Flood” attack will be investigated including working with AirTight to modify thresholds for detection, implementing custom capture and detection of these attacks, and changing radios to a custom solution which is more resistant to these attacks.
Reply With Quote