Security Basics: Re: wireless help

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

Re: wireless help

From: "Patoff Pat-EtHiQ" <patoff22 () hotmail com>
Date: Fri, 03 Oct 2003 21:55:09 +0000

I've already found a program (software, not free...) that you could map yourhouse/office with it, and it check where every user is on the wirelessLan,if someone, who is wardriving or, is not in the restricted area he wont beable to connect trought the server.

With some Mac and ip list restrict to your user only, it could be a goodmix.

and like its say below, security on the server dhcp and other services isthe best way, if the attacker as an ip and a mac but cant use any serviceson the lan, well its useless ... ;)

But i dont know if someone talk about it, but if an attacker has a Mac andip of a user already connect and he as a Better signal and he is closer thanthe victim, the victim, is out, and the attacker can get is connection. thisway i dont know how to secure...


Pat
www.pyrofreak.org

Just my little something...
Tomas

Though presumably an attacker could spoof a MAC address which you havelisted as valid, no? Simply by passively sniffing, he could gain a valid IP*and* MAC, and use both.

Even if you were to require user authentication, and time out inactivesessions, he could concievably hijack an active session, so long as thelegit client doesn't do anything when it recieves responses to connectionsit's never made (I suspect a Windows machine with a personal firewall likeZoneAlarm would behave in this way, failing to terminate connectionsinitiated by the attacker in its name). So a hijacker could probably grab anactive connection for the duration of its activity, or even keep it activeafter it's been abandoned. The only real foolproof way to prevent this wouldbe encryption like VPN or IPSec, I suspect. Which is certainly overkill orsimply unfeasable for many installations.



---------------------------------------------------------------------------
----------------------------------------------------------------------------

_________________________________________________________________

MSN Search, le moteur de recherche qui pense comme vous !http://fr.ca.search.msn.com/



---------------------------------------------------------------------------
----------------------------------------------------------------------------

By Date By Thread

Current thread:

RE: wireless help, (continued)
- RE: wireless help David Gillett (Oct 02)
- Re: wireless help Tomas Wolf (Oct 02)
  - Re: wireless help N407ER (Oct 03)
    - Re: wireless help Tomas Wolf (Oct 03)
- RE: wireless help Zachary Mutrux (Oct 03)
- Re: wireless help Patoff Pat-EtHiQ (Oct 03)