Skip to main content

"Wireless network compromised" message on Mac

More
16 years 2 months ago #27682 by KiLLaBeE
Hey guys,
I was working outside on my Mac today on the wireless network and got a message that I've never seen before. It said "The wireless network appears to have been compromised and will be disabled for about one minute." At first, I thought that the reason why I got it was because I was running Kismet on the Mac, so I shut Kismet down only to see the error again three hours later. I found it strange that I got this message on my own wireless network, outside my house in my neighborhood when I didn't receive this message on the DefCon (hacker convention) or local library wireless network!

The wireless network has MAC address filtering enabled, SSID broadcasting disabled, WPA2 encryption enabled, and a pretty lengthy and complex shared key, so I didn't really believe the error.

I did a bit of Googling and heard mixed stories about the issue. Some users who switched from Linksys wireless routers to other routers stopped seeing it (and I have a Linksys wireless router) and another user mentioned that after applying a patch to VMware Fusion (which I was running) he stopped receiving it. Others mentioned that this happens when there's high traffic occurring on the WLAN (which was occurring). Some users mentioned that the issue is due to WPA and WPA2 encryption (which I run). And some others mentioned that they started having it after getting Leopard (which I run).

I'm wondering if any of you have seen this message or if any of you have found some kind of article published by Apple that explains how the Mac considers a WLAN "compromised."

The message doesn't concern me much (without sounding overconfident in the security of my WLAN).

On a separate note, though, I do like the fact that the Mac has the ability to detect the integrity of a WLAN :-).

Thanks for your time
More
16 years 2 months ago #27684 by S0lo
I'm a complete mac illiterate. But from a quick read on it, There is a possibility that the error originates from linksys/cisco APs rather than the mac itself.

www.cisco.com/en/US/docs/ios/12_4t/wlan/...n/guide/wlcgerr.html

Check the error messages named "DOT11-TKIP_MIC_FAILURE" and "OT11-TKIP_MIC_FAILURE_REPEATED" in the link above. Very similar behavior compared to what your saying. I still have no idea why this is happening. The VMware Fusion thing that you mentioned sounds suspicious. Hope some one else can help you more.

Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
16 years 2 months ago #27717 by The_Berzerker
Hi Killabee,
Personally I haven't come across this message, but by googling I came across this: www.deadlybloodyserious.com/2008/01/wire...appears-compromised/ which has some nice tips and findings in the comments.
Make sure that you are upgraded to the latest version of leopard, and that you clear all authentication information (while having airport turned off) and then enable and reconnect.

Maybe this will solve the problem. Let me know how you progress with this.
Cheers,
Harry
Time to create page: 0.119 seconds