Home page logo
/

basics logo Security Basics mailing list archives

Re: Demonstrate to users- insecure APs
From: krymson () gmail com
Date: 4 Jun 2007 18:26:39 -0000

This list can be endless. :)

Yes, I could sniff all your traffic when I connect to your open wireless network. If you do banking, IM, email, and any 
such service over wireless, I can grab the packets and (encryption notwithstanding) pilfer information off your network.

Second, yes, I could connect to the Internet through that AP. At that point, everything you can think of that people do 
behind their Internet connections I could do through your wireless...only I'd have less chance of getting things traced 
back to me. It'd be traced back to you. I could share copyrighted materials, attack other networks, abuse your 
connection to post hate comments, download illegal things, browse porn (or worse), send millions of spam emails...

The abuses go beyond that, however. I could attack your AP by trying to brute or guess the admin password at which 
point I could repoint your DNS (albeit slightly useless when I can sniff you anyway, but I could open you up to 
browser-borne attacks), open ports to the Internet, etc. I could even lock you out of your own wireless network or host 
a server on your network that offers up nasty stuff to the Internet.

I can attack clients on your network (technically, this can be done without even connecting, but let's not go that 
deep). If your Windows users are not patching properly or running things like IIS, I can pilfer information or outright 
own them.

I can even inject traffic (one of those fun things that just doesn't typically work well enough on wired) and change 
what you see simply by answering your requests faster than the Internet gets back to you.

Basically, an open wireless setup is fun, and only limited by the number of threats that live or may happen to be 
around you, and the imagination of those threats.


<- snip ->
Suppose I leave my Access Point in Unsecured Mode, no WEP/WPA etc.

Someone connects to my AP and receives an IP assignment via it's DHCP.

Is it possible to sniff all the traffic from all the machines that get's 
connected and browse the Internet/LAN through this AP?

I mean, apart from the usual money saving aspect of having a free ride on 
other people's money, ( at home) what else is the risk?


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]