Actually, nerowolfe, that message comes from the *AirPort driver* when it detects a problem with the TKIP Message Integrity Check or the associated checksum.
(See the file:
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resource s/ClientController.bundle/Contents/Resources/English.lproj
it contains the strings:
"wpaIsFailureMIC" = "The wireless network appears to have been compromised and will be disabled for about a minute.";
"wpaIsReplayAttack" = "The wireless network appears to have been compromised and will be disabled for about a minute.";
)
Two "easy" ways of avoiding this are to change to a different router or, if possible, only use WPA2 encryption.
Detail:
When the message is seen, it's because:
TKIP uses a keyed Message Integrity Check (MIC) to detect packets that are replayed or forged. Anyone can send (that is, inject) a TKIP-encrypted packet that has been captured and modified, but those packets are dropped because the MIC and checksum do not match the data carried by the packet. APs using TKIP usually transmit an error report when the first bad MIC is received. If a second bad packet arrives within 60 seconds, the AP stops listening for another minute and then "rekeys" the WLAN, requiring all clients to start using a new "pairwise master key" to generate both the MIC key and those per-packet encryption keys.
http://searchnetworking.techtarget.com.au/tips/28356-How-to-avoid-the-WPA-attack -entirely
Now there
are TKIP injection attacks, and it could be that the wireless network involved
is under attack, but it's more likely that the router is incorrectly calculating the MIC or checksum, or the MIC or checksum are being corrupted during transmission, usually due to interference from another router nearby.