Full Disclosure mailing list archives
Re: Cisco LEAP exploit tool...
From: Ron DuFresne <dufresne () winternet com>
Date: Wed, 14 Apr 2004 17:20:05 -0500 (CDT)
On Wed, 14 Apr 2004, Paul Schmehl wrote:
--On Wednesday, April 14, 2004 03:26:16 PM -0500 Ron DuFresne <dufresne () winternet com> wrote:Yes, as I said, tunneled and encrypted, anything spewing into the 'air' needs to be kept from someone just reaching out and grabbing your data, be it wireless network traffic, wireless cameras and keyboards and mice, and this includes those sweet little nanny-cams that are actually being marketed as 'security monitors'. WEP/WAP, no matter, tunnel it if it is to really pass through your wired boundries. Or just don't allow it.The thing that concerns me is the implication that somehow the wired network is "secure", when in fact it's plaintext in most places.
the lan, or wired network is not more secure, but, protected, it has a perimiter that is defended <of course defended by layers of differig devices and application, that ole onion skin approach>. The reason to encrypt all traffic from a DMZ from a wireless connection to the wired end, is to make sure that the data sucked and pushed through wireless to wired does not make it to unwanted/warranted hands. Make sure not only the traffic is tunneled, but that authentication tokens are as well, otherwise there's not need for shadow files and all that, might as well just created passwordless accounts. In the wired setting there is a definate perimiter to mount defences, In the wireless realm there just is no perimiter to mount the defenses. To sniff my wired network, someone needs to get a system for that purpose on my wire, or my providers wire. To sniff the airwaves one just needs the proper equipment and a decent antenea. Now even in the wired realm, once the traffic goes off my wire, it can be sniffed in transit, I no longer guard it. Thus we resort again, to an encrypted tunnel to protect the information contained within. WE've all seen those network drawings whence the internet and frame relays are drawn as 'network clouds', wireless should be displayed and thought of similiarly, if not even more doubiously Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Cisco LEAP exploit tool..., (continued)
- Re: Cisco LEAP exploit tool... Thomas (Apr 14)
- Re: Cisco LEAP exploit tool... Dave Howe (Apr 14)
- Re: Cisco LEAP exploit tool... Ron DuFresne (Apr 14)
- RE: [inbox] Re: Cisco LEAP exploit tool... Curt Purdy (Apr 14)
- Re: [inbox] Re: Cisco LEAP exploit tool... Dave Howe (Apr 14)
- Re: Cisco LEAP exploit tool... mmo (Apr 14)
- Re: Cisco LEAP exploit tool... Dave Howe (Apr 14)
- Re: Cisco LEAP exploit tool... Paul Schmehl (Apr 14)
- Re: Cisco LEAP exploit tool... Valdis . Kletnieks (Apr 14)
- Re: Cisco LEAP exploit tool... Ron DuFresne (Apr 14)
- Re: Cisco LEAP exploit tool... Paul Schmehl (Apr 14)
- Re: Cisco LEAP exploit tool... Ron DuFresne (Apr 14)
- Re: Cisco LEAP exploit tool... Thomas (Apr 14)
- RE: Cisco LEAP exploit tool... Aditya, ALD [Aditya Lalit Deshmukh] (Apr 14)
- Re: Cisco LEAP exploit tool... Chris Adams (Apr 15)
- Re: Cisco LEAP exploit tool... mmo (Apr 11)
- RE: Cisco LEAP exploit tool... Jeff Schreiner (Apr 14)
- RE: Cisco LEAP exploit tool... Dave Horsfall (Apr 14)
- RE: Cisco LEAP exploit tool... Ron DuFresne (Apr 14)
- RE: Cisco LEAP exploit tool... Jeff Schreiner (Apr 14)
- RE: Cisco LEAP exploit tool... Frank Knobbe (Apr 14)