Securing a Wireless Network

Abstract

At the Black Hat conference in August 2006, David Maynor and Jon “Johnny Cache” Ellch shocked the Mac community by demonstrating to the world something that hackers had known for a long time: the Mac could be hacked, easily. Maynor and Ellch, two security professionals with long-time careers in the security industry, were able to release what is known as a proof-of-concept attack by exploiting the wireless Atheros drivers built into the Mac operating system. Using a script called setup.sh, which turned a Mac computer (with its wireless card turned on) into an access point, an attacker could gain control of an unsuspecting Mac user’s laptop. Another hacker script, called bad_seed, could then be run from the host computer to exploit the vulnerability in the target computer’s wireless driver; this would give an attacker access to a Terminal session on the target computer running root (which is a “superuser” that is allowed full control of the computer). The exploit was not released, but it did provide proof that the Mac community was a long way away from an operating system immune to wireless attacks. The concept used in the wireless exploit was not specific to Apple computers, but pointed instead to general flaws in wireless networking protocols as a whole.