RE: Wireless Security

From: Steve Skoronski (skoronskiat_private)
Date: Thu Aug 16 2001 - 14:20:54 PDT

Next message: BOVO Marcelo DICAU: "RE: ipforwarding enabled, what can I do"

Previous message: Vladimir Parkhaev: "ipforwarding enabled, what can I do"
Maybe in reply to: Wyatt Fradenburg: "Wireless Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Do you mean pretending to be an authorized access point to gain access to
all of the clients? I guess if there is a trust relationship (NetBIOS for
instance) then this would expose the clients as on a wired LAN, but you
still need to authenticate on the network, using l0phtcrack can aid this. 

Really though, what is the point when 90% of security architectures mandate
that critical files be stored server side so that when you lose your laptop,
critical info is not on it. 

Here's an idea....get the WEP key (if it's even being used) and passively
sniff to gain passwords. Then the fun begins.

However, in a 'coffee-shop' environment your idea is sound. Many people in
public places use these to send e-mail, even log in to the corporate VPN:) I
hope these people are using personal firewalls and strong encryption. 

Steve




-----Original Message-----
From: Wyatt Fradenburg [mailto:wy4ttat_private]
Sent: Thursday, August 16, 2001 6:59 AM
To: pen-testat_private
Subject: Wireless Security


Hello Everyone,
     My two cents, what about a attack that is using a access point to grab 
the information from the wireless cards.  Then using a wireless card to 
attack.  What are your thoughts about this?
Dr. Wyatt R. Fradenburg
Ph.D. Information Technogoly
CCNA, CCDA, SCA, SCNA


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: BOVO Marcelo DICAU: "RE: ipforwarding enabled, what can I do"
Previous message: Vladimir Parkhaev: "ipforwarding enabled, what can I do"
Maybe in reply to: Wyatt Fradenburg: "Wireless Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 17 2001 - 11:31:22 PDT