Authentication / Deauthentication Dos Attack Possible


Description Deauthentication DoS Attack is a type of attack in which an attacker sends deauthentication frames to the wireless access point or wireless client, thereby disabling the wireless connection and preventing the client from reconnecting to the access point. This attack is also known as “Deauth Attack”, “Deauthentication Flood”, or “Deauth Flooding”. It is listed as CWE-311: Missing Encryption of Sensitive Data, and is categorized as an authentication vulnerability in the OWASP Testing Guide.

Risk This attack can have serious consequences. It can cause denial of service (DoS) which can lead to an inability to access critical resources. Since the attack does not require authentication, it can be carried out anonymously and does not require any form of authentication. Additionally, since the attack does not require much technical knowledge, it can be carried out by anyone with access to the network, making it a risk to the entire network infrastructure.

Solution The best way to mitigate this vulnerability is to implement network security measures such as encryption, access control, and authentication methods. Encryption can be used to ensure that sensitive data is encrypted and not accessible to attackers. Access control can be used to ensure that only authorized users are able to access the network. Authentication methods, such as two-factor authentication, can be used to ensure that only authorized users are able to access the network.

Example The following code example is taken from CVE-2020-3702 and illustrates an example of a deauthentication DoS attack:

$ aireplay-ng --deauth 0 -a <AP_MAC_Address> -c <Client_MAC_Address> <Interface>

In this example, the attacker is sending a deauthentication frame to the access point (AP_MAC_Address) from the client (Client_MAC_Address) using the interface specified by .

Curious? Convinced? Interested?

Arrange a no-obligation consultation with one of our product experts today.