Quote:
Originally Posted by DMetalKong
Correct me if I misunderstand though, but for 802.11 there is a standard protocol for the router (or other device) to attempt to make the connection. What I was suggesting was modifying this protocol through the router/AP firmware so that the routers/APs that are part of the field network could ignore unauthorized connection attempts.
|
There's probably no need to modify the protocol. It already dismisses failed client authentication attempts. The disruption to the field network seen on Einstein was due to a bug in the access point firmware, which combined with one version of robot router hardware to cause an unexpected loss of the network connection. That bug is no longer an issue.
An 802.11 protocol change that encrypts "management packets" could probably prevent deauthorization flood attacks from succeeding. It would also break a lot of things in the process.
Quote:
|
I see so much discussion of problems with the field without much discussion of solutions. That is not to say that people do not have solutions; I think it is easier to focus on what went wrong than on plans for the future (especially when I get the impression that people feel like they do not have a means of influencing change in the organization as a whole). As much as this discussion is veering from the original intent of the thread (the apology), I would rather see it derailed in a constructive fashion focusing on possible solutions, even if those solutions won't necessarily work.
|
Did you read the Einstein investigation report through to the end? The last two pages are all about planned possible changes, with a half dozen of them as specific solutions to observed problems.