Security Basics mailing list archives

RE: radius+ wireless

From: "M. Shirk" <shirkdog_linux () hotmail com>
Date: Fri, 19 Nov 2004 08:44:28 -0500

-----Original Message-----
Thanks for your answers. I'll investigate in google.
But i'm still thinking on something: Suppose somebody cracks my WEP
key, and he clones his mac address and ip address; How could the
access point distingish one pc from another? i mean if my customer is
checking his mail, and the cracker is trying to download something,
and both are comunicating to port 80, how would the information find a
way to go to the right device?
--------------------------------

Here is an example about how things could go wrong in this situtation.Airpwnwas used at Defcon with interesting results. This is a wireless injectiontool to capture

requests and inject whatever you want as a response. To quote the site,

"Airpwn is a platform for injection of application layer data on an 802.11bnetwork"


http://www.evilscheme.org/defcon/

Shirkdog
http://www.shirkdog.us

Current thread:

Re: radius+ wireless, (continued)
- - - Re: radius+ wireless Jimi Thompson (Nov 19)
  - Message not available
    - Re: radius+ wireless Gaspar de Elías (Nov 18)
- Re: radius+ wireless Tomas Wolf (Nov 18)
- RE: radius+ wireless Keodouangsy, Chinda (Keo) (Nov 18)
- RE: radius+ wireless Matvei Kliuchnikov (Nov 18)
  - Re: radius+ wireless Gaspar de Elías (Nov 19)
- RE: radius+ wireless Bowes, Ronald (EST) (Nov 19)
  - Re: radius+ wireless Kenzo (Nov 19)
  - Re: radius+ wireless - ssh Alvin Oga (Nov 22)
- RE: radius+ wireless Brett Zink (Nov 19)
- RE: radius+ wireless M. Shirk (Nov 19)
- RE: radius+ wireless Dante Mercurio (Nov 19)
- RE: radius+ wireless M. Shirk (Nov 29)