Home page logo

pen-test logo Penetration Testing mailing list archives

RE: WLAN Security FAQ
From: "Klaus, Chris (ISSAtlanta)" <CKlaus () iss net>
Date: Wed, 10 Oct 2001 11:25:25 -0400

Good FAQ

Something you may want to add to this Doc is that whilst on 
most laptops
it is easy to see that there is a wlan card in it (they 
generally stick
out of the pcmcia slot quite a way) some laptops come with internal
cards that the user may or may not be aware of. Some recent 
MAC laptops
have the facility to have an internal wlan card as do (I believe) some
dell's. These could be misconfigured to allow peer to peer out of the
box. Does anyone have any info on this ? It *appears* that using 
airport cards in mac OS X you have to specifically turn on 
peer to peer,
though I am no mac expert.

Both HP and Dell have announced that their laptop lines will start to carry
802.11b technology built into them.  With Windows XP adding more native
support for 802.11b, it'll be interesting to see how the laptops are
configured by default.  Historically, the default would be that the 802.11b
is enabled and running.  As part of dealing with all the major security
issues, Microsoft has announced in future releases of their product lines,
they are changing the default for their product packages to be installed in
"secure" mode, so that out of the box, most services and functionality is
turned off by default, and the user must specifically turn on various
functionality and capability.  Maybe this will carry over to 802.11b and
wireless technology.

On the topic of antennas, I added a section in the FAQ:  

Because the intruder must be within range of the signal, a properly selected
and positioned antenna within a building can minimize how far the signal can
reach and therefore reduce leakage and interception.  For selecting
different antenna designs for appropriate signal reception, here is an
article on wireless antennas:

Antennas Enhance WLAN Security in Byte Magazine, October 2001. 

Additionally, ISS has put the Wireless LAN Security FAQ on the web at:
http://www.iss.net/wireless/WLAN_FAQ.php  I've beefed up the index and made
it easier to cross-reference to the specific questions one might have.


Quentyn Taylor
Sysadmin - Fotango.com
"Let's face it, if you have leprosy, you can't be casual 
about watching
for new injuries." 
   Mike Sphar, on Microsoft and anti-virus alerts.

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]