Security Basics mailing list archives
RE: radius+ wireless
From: "M. Shirk" <shirkdog_linux () hotmail com>
Date: Fri, 19 Nov 2004 08:44:28 -0500
-----Original Message----- Thanks for your answers. I'll investigate in google. But i'm still thinking on something: Suppose somebody cracks my WEP key, and he clones his mac address and ip address; How could the access point distingish one pc from another? i mean if my customer is checking his mail, and the cracker is trying to download something, and both are comunicating to port 80, how would the information find a way to go to the right device? --------------------------------Here is an example about how things could go wrong in this situtation. Airpwn was used at Defcon with interesting results. This is a wireless injection tool to capture
requests and inject whatever you want as a response. To quote the site,"Airpwn is a platform for injection of application layer data on an 802.11b network"
http://www.evilscheme.org/defcon/ Shirkdog http://www.shirkdog.us
Current thread:
- Re: radius+ wireless, (continued)
- Re: radius+ wireless Jimi Thompson (Nov 19)
- Message not available
- Re: radius+ wireless Gaspar de Elías (Nov 18)
- Re: radius+ wireless Tomas Wolf (Nov 18)
- RE: radius+ wireless Keodouangsy, Chinda (Keo) (Nov 18)
- RE: radius+ wireless Matvei Kliuchnikov (Nov 18)
- Re: radius+ wireless Gaspar de Elías (Nov 19)
- RE: radius+ wireless Bowes, Ronald (EST) (Nov 19)
- Re: radius+ wireless Kenzo (Nov 19)
- Re: radius+ wireless - ssh Alvin Oga (Nov 22)
- RE: radius+ wireless Brett Zink (Nov 19)
- RE: radius+ wireless M. Shirk (Nov 19)
- RE: radius+ wireless Dante Mercurio (Nov 19)
- RE: radius+ wireless M. Shirk (Nov 29)