Security Basics mailing list archives
RE: radius+ wireless
From: "Andre Derek Protas" <randori82 () hotmail com>
Date: Thu, 18 Nov 2004 12:40:48 -0600
Maybe use token authentication for your customers. What is the range of your signal? If you are blowing your signal all over a neighborhood and you're using nothing but radius and a weak wep, you may be in trouble. Perhaps offer your customers "enhanced security" with an "enhanced price" and incorporate some token authentication devices in your network. Let me know if you need any equipment. -Andre Derek Protas Security Engineer | Electus Solutions www.electussolutions.com -----Original Message----- From: GuidoZ [mailto:uberguidoz () gmail com] Sent: Wednesday, November 17, 2004 6:30 PM To: Gaspar de Elías Cc: security-basics () securityfocus com Subject: Re: radius+ wireless The quick answer - you bet it's possible. And yes, depending on the WEP key and the amount of access an attacker has to the signal, it could be fairly quick. I'll allow you to do your own research, though I'll point you in some directions. Also, instead of giving you a large list of tools that are used, allow me to point you at a well known list: http://www.wi-foo.com/index-3.html Take a close peek at programs like Kismet/Netstumbler and AirCrack/AirSnort. Having MAC filtering enabled and not broadcasting the SSID is two simple steps to help "secure" your wifi network from your average script kiddie. However, this will do little more then create a speed bump for anyone remotely knowledgable about wifi and the means of breaking WEP/WPA. Google is also your friend. If you have specif questions beyond this, feel free to drop me a line directly or straight to the list. =) -- Peace. ~G On Wed, 17 Nov 2004 19:18:03 -0300, Gaspar de Elías <gaspar.delias () gmail com> wrote:
hello I'm an isp, and i'm providing internet to my customers via wireless, authenticating with a radius server on freeBSD. My question is the folowing: Can somebody sniff the wireless conections, crack WEP alghoritm, and cheat his mac and ip addresses in order to steal information from one of my customers? A friend told me that doing this is incredibly easy, so i'm investigating. What should i implement to make my wireless lan more secure? -- Gaspar de Elías
Current thread:
- radius+ wireless Gaspar de Elías (Nov 17)
- Re: radius+ wireless GuidoZ (Nov 18)
- RE: radius+ wireless Andre Derek Protas (Nov 18)
- Re: radius+ wireless Jimi Thompson (Nov 19)
- RE: radius+ wireless Andre Derek Protas (Nov 18)
- Message not available
- Re: radius+ wireless Gaspar de Elías (Nov 18)
- Re: radius+ wireless GuidoZ (Nov 18)
- Re: radius+ wireless Tomas Wolf (Nov 18)
- <Possible follow-ups>
- RE: radius+ wireless Keodouangsy, Chinda (Keo) (Nov 18)
- RE: radius+ wireless Matvei Kliuchnikov (Nov 18)
- Re: radius+ wireless Gaspar de Elías (Nov 19)
- RE: radius+ wireless Bowes, Ronald (EST) (Nov 19)
- Re: radius+ wireless Kenzo (Nov 19)
- Re: radius+ wireless - ssh Alvin Oga (Nov 22)
- RE: radius+ wireless Brett Zink (Nov 19)