Full Disclosure mailing list archives
Re: wireless sniffing question
From: Cedric Blancher <blancher () cartel-securite fr>
Date: Sat, 04 Dec 2004 15:25:35 +0100
Le samedi 04 décembre 2004 à 03:09 -0500, question question a écrit :
Lets say I have a Linksys (or whichever brand you like) wireless router with a wireless host using 128 bit WEP encryption, and a wired host connected to the same device. Obviously it is possible for the wired box to do various arp attacks on the switch to view other wired hosts traffic. But does the same apply for the wireless host?
Yes, most probably. Most WiFi routeurs act as a bridge between internal wired network and wireless network. The routeur part occurs between internal network (WiFi +LAN) and WAN port. Thus, ARP attacks can occurs between the two networks, meaning a wireless station can attack a wired one and vice-versa.
Can the wired host trick the switch on the Linksys into forwarding the wireless clients packets to him via the regular wire?
As shown above, definitly yes. Then it can deploy cleartext attacks against WEP, as an example... -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
Hi! I'm your friendly neighbourhood signature virus. Copy me to your signature file and help me spread!
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- wireless sniffing question question question (Dec 04)
- Re: wireless sniffing question Cedric Blancher (Dec 04)