Firewall Wizards mailing list archives

RE: Wireless

From: "Frank Darden" <fdarden () locked com>
Date: Fri, 9 Aug 2002 16:07:46 -0400

One option that you might consider (assuming Netstumbler isn't enough
for you) would be www.airdefense.net I haven't personally used this
product, but watched a demo of it last week, and it does some pretty
neat things. 

Frank

=======================================
Frank Darden 
Chief Technology Officer
Mission Critical Systems
3320 NW 53rd St. Suite 202
Fort Lauderdale, FL 33309
Phone (954)766-2550 x203
Fax (954-766-2580
AIM/MSN FishinCritical
 ===========================================


-----Original Message-----
From: Carl Friedberg [mailto:friedberg () exs esb com] 
Sent: Friday, August 09, 2002 2:23 PM
To: Paul Robertson; firewall-wizards () honor icsalabs com
Subject: RE: [fw-wiz] Wireless

Paul,

An easy starting point (very easy to use, and very low cost) is to buy
an Orinoco Gold card, put it in a laptop, and get netstumbler
(www.netstumbler.org).

It's not an enterprise solution, but for a quick heads up, it's a very
impressive piece of software.

I've found that the el-cheapo stuff (Linksys and SMC, haven't used any
D-Link but suspect it comes from the same, or similar manufacturer) just
is not reliable enough. Especially when you turn on encryption, (128-bit
Wep) I've found that those routers tend to stop forwarding packets after
some random amount of time, requiring a reboot. The RF characeristics
are not as good as Orinoco (or, presumably, Cisco Aironet).

If you can afford it, go with Cisco. They have some excellent white
papers (as usual) describing the Cisco add-ons which will make it much
harder to get rogue ap's and/or PC Cards connecting to your network.
They use techniques like rekeying with every packet, etc. Cisco is
working on various techniques which integrate this to an enterprise,
including Radius, etc.

Some noteworthy points about WiFi:

(1) all forms of WEP have been cracked; and the software to do that is
easily available;

(2) WiFi is radio, so 802.11a has higher bandwidth and shorter range
than 802.11b. 802.11b can/will interfer with other devices on the same
frequence band, such as newer portable phones, some microwaves, and
potentially (though they deny it) Blue Tooth.

(3) WiFi uses half duplex, so it is a shared collision domain, just like
the old days of 10mbps and hubs. The more users on an AP, the less
bandwidth each can get.

(4) Any allowed access points should be on their own subnet, and in
their own security domain.

(5) Most illicit installations have "out of the box" settings, typically
the password, ip settings, and lack of encryption. That makes it easy to
take control of the rogue AP and potentially completely disable it
(i.e., change admin password and IPrange, disable wireless, disable
DHCP, etc).

(6) WiFi is radio. You could get fancy and try to triangulate to find
out where it is, but that is getting more expensive.

my 2 cents

Carl

-----Original Message-----
From: Paul Robertson [mailto:proberts () patriot net]
Sent: Friday, August 09, 2002 2:03 PM
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] Wireless


How are people starting to deal with hunting down and killing rogue 
Wireless Access Points (WAPs)[1]?  It seems pretty easy in environments 
where wireless isn't allowed at all, but is anyone dealing with the
situation in 
an environment where there are sanctioned wireless networks?

Thanks,

Paul
[1] I'm thinking a lot about the built-in laptop WAPs, people bringing
in 
802.11b-enabled hubs, and only slightly about the cleaning folks hiding 
one in the ceiling tiles.
------------------------------------------------------------------------
-----
Paul D. Robertson      "My statements in this message are personal
opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure
Corporation


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Wireless, (continued)
- - - Re: Wireless Paul Robertson (Aug 09)
    - Re: Wireless Dave Piscitello (Aug 19)
    - Re: Wireless ejb3 (Aug 09)
    - Re: Wireless R. DuFresne (Aug 09)
  - RE: Wireless Paul Robertson (Aug 09)
  - RE: Wireless R. DuFresne (Aug 09)
- RE: Wireless Carl Friedberg (Aug 09)
  - RE: Wireless Paul Robertson (Aug 09)
- RE: Wireless Loomis, Rip (Aug 09)
- RE: Wireless Loomis, Rip (Aug 09)
- RE: Wireless Frank Darden (Aug 09)
  - RE: Wireless R. DuFresne (Aug 09)
- Re: Wireless Roger Marquis (Aug 09)
  - Re: Re: Wireless Gary Flynn (Aug 09)
- Re: Wireless Dennis.Archambault (Aug 09)
  - Re: Re: Wireless Paul Robertson (Aug 09)
  - Re: Re: Wireless Adam Shostack (Aug 11)
- Re: Re: Wireless Dennis.Archambault (Aug 12)
  - Re: Re: Wireless kadokev (Aug 12)
    - Re: Re: Wireless Kirby Kuehl (Aug 12)
- RE: Wireless Frank Darden (Aug 19)