Home page logo
/

basics logo Security Basics mailing list archives

RE: About War Driving ..
From: "SHROYER, DONALD (CONTRACTOR)" <DONALD.SHROYER () DFAS MIL>
Date: Thu, 22 Feb 2007 13:17:06 -0700

In addition to those things, I would actually recommend that if you have
the capability, you should implement WPA instead of WEP. Also another
option is to limit the number of address that are given out by the
router to the number of machine that will be connected at one time.
Lastly you can implement a VPN solution between the router and the
machines so that authentication is required to access the wireless
network. Hope that helps. 


Donnie Shroyer

DFAS-TIIOD/DE

ELAN Infrastructure/ Network Engineer


 
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Ron Johnson - Adhost
Sent: Wednesday, February 21, 2007 1:03 PM
To: security-basics () securityfocus com
Subject: RE: About War Driving ..

Ok so other than restricting MAC addresses to only your machines and
having a WEP 128b enabled wireless network, what other measure could one
take to prevent this?



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Melissa
Sent: Tuesday, February 20, 2007 8:50 PM
To: security-basics () securityfocus com
Subject: RE: About War Driving ..

This might work... but if they can crack WEP chances are they can spoof
mac addresses as well 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On
Behalf Of nospam
Sent: Monday, February 19, 2007 3:18 PM
To: security-basics () securityfocus com
Subject: Re: About War Driving ..

How about blocking the MAC ADDRESS? of those two computers IPs?

most wireless routers have an allow/disallow MAC Filter




David Turnage wrote:

You could try nbtstat -A 192.168.1.246.  Netbios is turned on by
default
on a windows pc and if they don't have a firewall turned on this will 
tell you the machine name and if it is a pc on a corporate domain or 
not.  Sometimes people or corporations name their pcs with the 
company_name1, or username.  It might give you a place to start
looking.

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]
On Behalf Of Jure Krasovic
Sent: Thursday, November 30, 2006 11:50 PM
To: gaurav saha
Cc: security-basics () securityfocus com
Subject: Re: About War Driving ..

gaurav saha pravi:
 

Hi ,
I was wondering if it is possible to locate and catch a guy who is 
connecting to our wep wireless network and downloading stuff from 
torrents and using up our bandwidth ..
I checked up with arp scan and found 2 unknown IPs
192.168.1.246 and 247
Is there anyway of locating the guy in a building of 7 floors and how 
to stop this ..I have tried changing the Wep keys so . he is cracking 
the wep key.
Any Suggestion People ?
---gaurav




   

_______________________________________________________________________
_
____________
 

Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com


 
   

Did you think on rising up encryption to WPA... and may be use of
Radius

server for authentication. It would help a lot.


Regards!

         Jure

 



------------------------------------------------------------------------
---
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix. 

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/
ITNext/
------------------------------------------------------------------------
---



---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix.

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]