ssh - AN Security, Authentication, and more...

[Alvin Oga <alvin.sec () Virtual Linux-Consulting com>]

hi ya

> tom jones wrote:
> | Hello,
> | 1.  Security Controls
> | What have you seen / implemented as a standard for
> | wireless security?  I know LEAP is out of the question
> | due to the dictionary attack vulerability.  Possibly
> | PEAP or some other 802.1x standard?
>
> If you are in an environment which needs to be highly secured, you may
> want to use something like IPSec.

"others"
        http://www.linux-sec.net/Wireless/Differences/
 
> | Authentication - I usually see authentication through
> | the DMZ to a back end Radius or Active Directory
> | server.  Any other options?
>
> I have heard good things about NoCatAuth, although I have no used it
> yet.  Maybe others on the list can comment on that.

dumb quetion:
        what's wrong with simple ssh logins for "authentication" ?

        lptop ssh's into the linux-based-access-point with only sshd 

> | 2.  How have you detered users from using their
> | laptops at the local coffee shop?

imho, i'd add colos, vpns and hotels to the list

as someone else ( next to you ) can follow you into
the secure corp network from an insecure colo/starbucks/home

> I understand the need to be secure, but I think this is being over
> paranoid.

its not an issue until the cracker happens to read "somebody important's"
email or passwd or see the contents of their disks

>  As long as you can assure the connection is secure,

that's the whole point .... wireless is completely insecure and cracked

> | 3.  Rogue Wireless Detection - I have done much
> | reading on this subject and would like to know how you
> | all tackle this issue.  Some suggest cool toys like
> | AirDefense, etc.  Others suggest some sort of MAC
> | monitoring on switches/routers.
 
mac address is worthless and is reconfigurable

>  I am a fan of walking
> | around with Kismet every few weeks.  The major issue I
> | have encountered with walking around is the problem of
> | neighboring buildings (in a downtown environment).

and you find interesting stuff ??

> | It's easy enough to find the APs you know about, but
> | finding a rogue AP connected to your network becomes a
> | challenge with all of the other APs popping up.

and if you break into one ap, you can probably break into
toher equivalent AP since its around by the gazillions
and is made by a handful of manufacturers all using 
bad defaults

have fun
alvin


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------