On Tue, 2013-12-03 at 14:50 +0530, Krishna Chaitanya wrote: > On Tue, Dec 3, 2013 at 12:21 AM, Johannes Berg > <johannes@xxxxxxxxxxxxxxxx> wrote: > > From: Johannes Berg <johannes.berg@xxxxxxxxx> > > > > The GTK is shared by all stations in an 802.11 BSS and as such any > > one of them can send forged group-addressed frames. To prevent this > > kind of attack, drop unicast IP packets if they were protected with > > the GTK, i.e. were multicast packets at the 802.11 layer. > > > > Based in part on a patch by Jouni that did the same but in the IP > > stack, which was considered too intrusive. > > > As per RFC 1122 this is an invalid case: > When a host sends a datagram to a link-layer broadcast address, > the IP destination address MUST be a legal IP broadcast or IP > multicast address. > > A host SHOULD silently discard a datagram that is received via > a link-layer broadcast (see Section 2.4) but does not specify > an IP multicast or broadcast destination address. > > We can simply drop this frame irrespective of GTK/PTK is used. Interesting. Can you point out where this is implemented in the IP stack(s)? johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
