Firewall Wizards mailing list archives

Re: Wireless

From: Jeff Newton <Jeff_Newton () pmc-sierra com>
Date: Fri, 09 Aug 2002 18:38:00 -0700


Absolutely.  Not only are management frames in the clear, they are not
authenticated nor even acknowledged in most cases.

If you want to completely rid your enterprise of 802.11b, try this nice DOS:

- set up a bunch of machines with 802.11b NICs, ensuring good wireless
coverage.
- broadcast 'disassociate' management frames from all NICs

No one is going to be able to associate with a WAP, rogue or otherwise!

Cheers,

"R. DuFresne" wrote:

On Fri, 9 Aug 2002, Jeff Newton wrote:

ejb3 () cornell edu wrote:

Find rogue networks the same way their users do, with netstumbler or
something similar.  Anything that's got an SSID other than the official
one, or that's offering up addresses beyond the approved wireless range
gets hunted down.


Netstumbler is great at finding "mis-configured" WAPs, or those with
SSID broadcast enabled.  If the user has disabled the broadcast, nothing
short of a wireless sniffer is going to see it.


Even with SSID broadcast disabled, those management packets will contain
the SSID's when folks are communicating with the AP or through it.  Not
much trouble to sniff this leakage out for sure.

Thanks,

Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


--
Jeff Newton, CISSP
Information Security Analyst
PMC-Sierra Inc.


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Wireless Paul Robertson (Aug 09)
- Re: Wireless R. DuFresne (Aug 09)
- Re: Wireless B. Scott Harroff (Aug 09)
- <Possible follow-ups>
- RE: Wireless Scott, Richard (Aug 09)
  - RE: Wireless ejb3 (Aug 09)
    - Re: Wireless Jeff Newton (Aug 09)
    - Re: Wireless R. DuFresne (Aug 09)
    - Re: Wireless Jeff Newton (Aug 09)
    - Re: Wireless John McDermott (Aug 09)
    - Re: Wireless Paul Robertson (Aug 09)
    - Re: Wireless Dave Piscitello (Aug 19)
    - Re: Wireless ejb3 (Aug 09)
    - Re: Wireless R. DuFresne (Aug 09)
  - RE: Wireless Paul Robertson (Aug 09)
  - RE: Wireless R. DuFresne (Aug 09)
- RE: Wireless Carl Friedberg (Aug 09)
  - RE: Wireless Paul Robertson (Aug 09)
- RE: Wireless Loomis, Rip (Aug 09)

(Thread continues...)