Any ideas?
Attached Thumbnails
Edited by googlymoogly, 27 July 2007 - 11:24 AM.
VERY STRANGE WIRELESS BEHAVIOR
Started by
googlymoogly
, Jul 27 2007 11:23 AM
#1
Posted 27 July 2007 - 11:23 AM
googlymoogly
-
- Member
-
- 18 posts
Member
Any ideas?
#2
Posted 27 July 2007 - 11:42 AM
dsenette
-
- Community Leader
-
- 26,047 posts
Je suis Napoléon!
is the buffalo or the actiontec in y our computer? (i'm going to assume that the actiontec is the wireless router/modem and the buffalo is your PC's wireless card right?)
#3
Posted 29 July 2007 - 02:11 PM
googlymoogly
- Topic Starter
-
- Member
-
- 18 posts
Member
actiontec is router, buffalo is wireless card.
#4
Posted 23 August 2007 - 11:02 AM
googlymoogly
- Topic Starter
-
- Member
-
- 18 posts
Member
bump::
Hey guys, I just had this happen again. It's like all of a sudden my wireless card refuses to respond or something. I see in wireshark again that it's receiving "EAPOL" key but even disabling and re enabling wireless adapter doesn't work.
The only thing that does work is a reboot. And even then, it hangs on soft reboot so I have to hit the reset button.... What is going on!?!?!?
EDIT: Uploaded events and services where things started to "look funky". The TCPIP error continues from 8 AM to about 11 AM.
Hey guys, I just had this happen again. It's like all of a sudden my wireless card refuses to respond or something. I see in wireshark again that it's receiving "EAPOL" key but even disabling and re enabling wireless adapter doesn't work.
The only thing that does work is a reboot. And even then, it hangs on soft reboot so I have to hit the reset button.... What is going on!?!?!?
EDIT: Uploaded events and services where things started to "look funky". The TCPIP error continues from 8 AM to about 11 AM.
Attached Thumbnails
Edited by googlymoogly, 23 August 2007 - 11:20 AM.
#5
Posted 29 August 2007 - 05:39 PM
googlymoogly
- Topic Starter
-
- Member
-
- 18 posts
Member
Hello all-
Just found some stuff on EAPOL attacks... I don't use EAPOL on my wireless adapter, but the computer that is having problems is in the DMZ of my router (Running Sygate Personal Firewall). I do this to allow web hosting and some other remote access solutions from home. Even though I don't use EAPOL to authenticate, is it possible someone is trying to gain access by spoofing as "me" and trying to hijack my session on the router? Then in turn I am being kicked off until rebooting?
PLEASE anyone- if you can help that would be so great.
EAPOL Start Attack
WiFi Manager raises this alarm when it sees a wireless client sending too many EAPOL start packets.
What is EAP ?
EAP stands for Extensible Authentication Protocol. It is a general protocol for authentication more commonly used in wireless networks and Point-to-Point connections. It supports multiple authentication methods such as EAP-MD5, EAP-TLS, EAP-SIM, EAP-TTLS, LEAP, PEAP.
What is this EAPOL Attack ?
EAP authentication starts with a EAPOL-start frame, which is sent by the wireless client to the Access point. Upon reception of such a frame the Access point responds back to the wireless client with an EAP-Identify-Request and also does some internal resource allocation. Attackers use this vulnerability, they send a lot of EAPOL-start frame to the Access point either by spoofing the MAC address or by emulating wireless clients, forcing the Access point to allocate more and more resource and there by bringing it down
EAPOL-Logoff Attack
WiFi Manager raises this alarm when it sees a wireless client sending too many EAPOL Logoff packets.
What is EAP ?
EAP stands for Extensible Authentication Protocol. It is a general protocol for authentication more commonly used in wireless networks and Point-to-Point connections. It supports multiple authentication methods such as EAP-MD5, EAP-TLS, EAP-SIM, EAP-TTLS, LEAP, PEAP.
EAPOL LOGOFF attack
Attacker spoofs a 802.1x EAPOL-Logoff frame
from the legitimate client station to fool the AP in logging off the client
What is this EAPOL Logoff Attack ?
Wireless clients using EAP authentication to connect to the wireless LAN, terminates their authenticated session by sending an EAPOL Logoff frame. This frame sent by the wireless client is not authenticated. Attackers use this vulnerability. They spoof this frame and send it to the Access point by having the source MAC to that of the wireless client, thus knocking the wireless client off the WLAN. Typically the wireless clients will try to re-establish the association, but the session will be short lived as the attacker will be sending this EAPOL Logoff frame continuously.
Just found some stuff on EAPOL attacks... I don't use EAPOL on my wireless adapter, but the computer that is having problems is in the DMZ of my router (Running Sygate Personal Firewall). I do this to allow web hosting and some other remote access solutions from home. Even though I don't use EAPOL to authenticate, is it possible someone is trying to gain access by spoofing as "me" and trying to hijack my session on the router? Then in turn I am being kicked off until rebooting?
PLEASE anyone- if you can help that would be so great.
EAPOL Start Attack
WiFi Manager raises this alarm when it sees a wireless client sending too many EAPOL start packets.
What is EAP ?
EAP stands for Extensible Authentication Protocol. It is a general protocol for authentication more commonly used in wireless networks and Point-to-Point connections. It supports multiple authentication methods such as EAP-MD5, EAP-TLS, EAP-SIM, EAP-TTLS, LEAP, PEAP.
What is this EAPOL Attack ?
EAP authentication starts with a EAPOL-start frame, which is sent by the wireless client to the Access point. Upon reception of such a frame the Access point responds back to the wireless client with an EAP-Identify-Request and also does some internal resource allocation. Attackers use this vulnerability, they send a lot of EAPOL-start frame to the Access point either by spoofing the MAC address or by emulating wireless clients, forcing the Access point to allocate more and more resource and there by bringing it down
EAPOL-Logoff Attack
WiFi Manager raises this alarm when it sees a wireless client sending too many EAPOL Logoff packets.
What is EAP ?
EAP stands for Extensible Authentication Protocol. It is a general protocol for authentication more commonly used in wireless networks and Point-to-Point connections. It supports multiple authentication methods such as EAP-MD5, EAP-TLS, EAP-SIM, EAP-TTLS, LEAP, PEAP.
EAPOL LOGOFF attack
Attacker spoofs a 802.1x EAPOL-Logoff frame
from the legitimate client station to fool the AP in logging off the client
What is this EAPOL Logoff Attack ?
Wireless clients using EAP authentication to connect to the wireless LAN, terminates their authenticated session by sending an EAPOL Logoff frame. This frame sent by the wireless client is not authenticated. Attackers use this vulnerability. They spoof this frame and send it to the Access point by having the source MAC to that of the wireless client, thus knocking the wireless client off the WLAN. Typically the wireless clients will try to re-establish the association, but the session will be short lived as the attacker will be sending this EAPOL Logoff frame continuously.
#6
Posted 01 September 2007 - 11:05 AM
googlymoogly
- Topic Starter
-
- Member
-
- 18 posts
Member
Guys, anyone PLEASE if you can shed some knowledge on what is going on... I moved my computer out of the DMZ last night to see if that was the problem.
I think it may have something to do with downloading.
I was downloading a bunch of stuff off of steam client all night ( not torrents), and I had been kicked off. Ran wireshark again and its the same as in the first screenshot I posted.
I run WPA-PSK not EAPOL what is going on!?
I think it may have something to do with downloading.
I was downloading a bunch of stuff off of steam client all night ( not torrents), and I had been kicked off. Ran wireshark again and its the same as in the first screenshot I posted.
I run WPA-PSK not EAPOL what is going on!?
#7
Posted 01 September 2007 - 08:40 PM
Steve Lacy
-
- Member
-
- 12 posts
Member
I am seeing the same exact behavior on my wife's laptop. The wireless card has been crapping out all day. At first I could reconnect...then a soft reboot would work...now she can't connect at all. Have you gotten any help???
#8
Posted 02 September 2007 - 09:46 AM
googlymoogly
- Topic Starter
-
- Member
-
- 18 posts
Member
Negative!
Today I woke up and tried to reboot as it had lost connection overnight. The reboot did not solve the problem though this time! I had to actually power cycle my router to get it to go....
Yikes...
No idea steve?
Today I woke up and tried to reboot as it had lost connection overnight. The reboot did not solve the problem though this time! I had to actually power cycle my router to get it to go....
Yikes...
No idea steve?
#9
Posted 12 September 2007 - 09:15 PM
googlymoogly
- Topic Starter
-
- Member
-
- 18 posts
Member
nobody's got any ideas???
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
