Here's how session hijacking works. The hacker waits for someone to finish successfully the authentication process. Then you as the attacker send a disassociate message, forging it to make it look like it came from the AP [access point]. The client [user] thinks they have been kicked off, but the AP thinks the client is still out there. As long as WEP is not involved you can start using that connection up until the next time out, usually about 60 minutes,

William Arbaugh

Related Quotes

Security technologies depend on the correctness of the system they're actually checking.

— William Arbaugh

If you look at the 802.1x, they tell you the 1x protocol is insecure when used in a shared medium environment unless a security association is established. Since 802.11 doesn't do that, so by IEEE's own words it is insecure,

— William Arbaugh

The robber gets there first,

— William Arbaugh

would be shocked if they solved the problem.

— William Arbaugh

This problem exists whether you use WEP or not, but it is trivial to exploit if not using WEP,

— William Arbaugh