Security Basics mailing list archives
RE: wireless access point
From: "David J. Jackson" <djackson () netdmz com>
Date: Sat, 7 Jun 2003 09:31:22 -0700
Yes that is true. However, keep in mind that tools like Kismet and Airsnort have the ability to find the SSID with Beacon Broadcasts turned off. This is simply not a way to keep people out. Beacon broadcast disabling is for people who want to prevent Joey Little Hacker from driving or biking down the street and picking up the SSID broadcast from there. One more thing to remember is that a wireless access point's signal can be pointed and guided. If you're worried about security in your wireless network, which it seems like most people aren't these days.... I would suggest that the first thing you do when you buy an access point is pull of the external antennas. Get directional antennas, and point them in the direction you want the signal to be broadcast to. I work in a Law Firm in Socal, and I point my directional antennas which are only about 5dB in power to specific areas of one particular floor where we only have conference rooms. I have it so that if you are in the reception area, there is no signal unless you have an external antenna with at least 12dB of power. And of course I've tested it so that the signal does not bleed outside in the parking structure, the restrooms located on the same floor, and the floor below and above. It's a very controlled signal and this is what will keep out any hacker who doesn't know to look on one of the top floors of a high-rise building for a wireless signal. David Jackson -----Original Message----- From: Bo Mendenhall [mailto:Bo.Mendenhall () hsc utah edu] Sent: Friday, June 06, 2003 1:25 PM To: security-basics () securityfocus com Subject: RE: wireless access point Please correct me if I'm wrong: Marvin's Statement below is true because eventually someone who has the SSID for an AP will hop on the AP, at which time it broadcasts the SSID, so Netstumbler would potentially pick it up the SSID at that point.
"Myers, Marvin" <MRMyers () anteon com> 06/06/03 12:34PM >>>
That is not entirely true. Netstumbler does in fact detect AP's that do not broadcast their SSID, it just takes longer. I have proven this on more than one occasion using NetStumbler on XP with both Orinoco and Netgear cards. -----Original Message----- From: Christopher Harrington [mailto:charrington () syseng com] Sent: Friday, June 06, 2003 1:23 PM To: lod () acmesecurity org; security-basics () securityfocus com Subject: RE: wireless access point Netstumbler does not detect AP's that do not broadcast their SSID. I know Kismet and Wellenreiter do, I cant speak for the others. --Chris -----Original Message----- From: Luiz Otávio Duarte [mailto:lod () acmesecurity org] Sent: Thursday, June 05, 2003 9:54 PM To: security-basics () securityfocus com Subject: RE: wireless access point Hi,
Is there any way of detecting wireless access point that doesn't broadcast the SSID?
Yep, It's possible. I will tell you why: We have two probing modes for channels in a 802.11 network. - Activing probe - Is when the prober machine exchange some probe frames with the AP. - RFMON - Radio Frequency Monitor (Passive probe) - when the probe machine capture all data in the channel and try to find some SSID (Service Set Identification) You can find AP that does not broadcast the SSID using any probe technique. You can use: Netstumbler, DStumbler, Kismet, Wellenreiter, THC-RUT, WEPCrack, AirSnort, .... That's All Folks! -- ## # Luiz Otávio Duarte (lod at acmesecurity dot org) # www.acmesecurity.org/~lod ## # ACME! (Computer Security Research) # www.acmesecurity.org ## # Unesp - São José do Rio Preto - São Paulo - Brazil ## --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- RE: wireless access point, (continued)
- RE: wireless access point David Gillett (Jun 04)
- Re: wireless access point Jon Baer (Jun 04)
- Re: wireless access point leifg (Jun 04)
- RE: wireless access point Luiz Otávio Duarte (Jun 06)
- RE: wireless access point Christopher Harrington (Jun 06)
- RE: wireless access point Myers, Marvin (Jun 06)
- RE: wireless access point Christopher Harrington (Jun 06)
- RE: wireless access point Myers, Marvin (Jun 06)
- RE: wireless access point Bo Mendenhall (Jun 06)
- RE: wireless access point David Gillett (Jun 06)
- RE: wireless access point David J. Jackson (Jun 09)
- RE: wireless access point Myers, Marvin (Jun 09)
- RE: wireless access point Myers, Marvin (Jun 20)