Security Basics mailing list archives

Re: radius+ wireless


From: Gaspar de Elías <gaspar.delias () gmail com>
Date: Thu, 18 Nov 2004 00:40:28 -0300

Thanks for your answers. I'll investigate in Google.
But I'm still thinking about something: Suppose somebody cracks my WEP
key, and he clones his MAC address and IP address. How could the
access point distinguish one PC from another? I mean, if my customer is
checking his mail, and the cracker is trying to download something,
and both are communicating to port 80, how would the information find a
way to go to the right device?
I think that Ethernet frames would be accepted by both customer and
cracker (they have the same MAC address). Then the frame becomes a
package, and it's accepted by both too (same IP address) at the internet
or network layer. Finally, it is in the transport layer where it becomes a
segment. And here is where data is accepted or rejected depending on
the header's flags (ACK, SYN, SEQ).
I wanted to know if I'm right or not. What do you think?

Thanks

On Wed, 17 Nov 2004 19:00:36 -0700, Scott Bauer <scottybauer () gmail com> wrote:
Yes, every wireless sends out beacon packets. Some of these packets
contain the WEP key. Right now I'm in the middle of cracking a 128 bit
key, and I have captured 100,000 of the packets I need over the past 3
days. You need a lot of packets to be able to crack the key. Once the
key is cracked, the user will log on under the AP and he won't be
authenticated, but if he puts his card in promiscuous mode he will get
all packets. Therefore he would be able to see a MAC address that is
authenticated with the server. Also, if you have a static IP on the
server he (I think) could just put in the static IP and voilà, he is in.
I really don't think you should be worried with all these security features.
PS: if you have WPA you should use it. There is a way to crack it (very
underground right now) but only a few know how (including me). So if
you do have WPA you should use it. Also, if the user is just getting
the antenna directly from the antenna to the computer through a
wireless card, you will need to update the drivers and make sure
those drivers will support WPA. There are other security features, but
you will get more responses from other people.

Hope I helped.
Scott.

PS: the tools I use are as follows.
I use AiroPeek NX Demo's files to make a program work. The program is
Air-Crack. It's a zip and contains a lot of things.
I use Ethereal and NetStumbler.

Cheers




On Wed, 17 Nov 2004 19:18:03 -0300, Gaspar de Elías
<gaspar.delias () gmail com> wrote:
Hello,
I'm an ISP, and I'm providing internet to my customers via wireless,
authenticating with a RADIUS server on FreeBSD. My question is the
following: Can somebody sniff the wireless connections, crack the WEP
algorithm, and cheat his MAC and IP addresses in order to steal
information from one of my customers?
A friend told me that doing this is incredibly easy, so I'm investigating.
What should I implement to make my wireless LAN more secure?

--
Gaspar de Elías




-- 
Gaspar de Elías
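
The layer-by-layer question asked at the top of this message, worked through as an added example that is not part of the original thread: a simplified model of the receive checks (link-layer address, IP address, then TCP connection lookup and receive window as in RFC 793) for two stations sharing one MAC and IP. All names, addresses, ports and sequence numbers are constructed.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Segment:
    dst_mac: str
    dst_ip: str
    dst_port: int
    src_ip: str
    src_port: int
    seq: int
    flags: frozenset = frozenset({"ACK"})

@dataclass
class Station:
    name: str
    mac: str
    ip: str
    # (local_port, remote_ip, remote_port) -> (rcv_nxt, rcv_wnd) per established connection
    conns: dict = field(default_factory=dict)

    def receive(self, seg: Segment) -> str:
        if seg.dst_mac != self.mac:
            return "dropped at link layer"
        if seg.dst_ip != self.ip:
            return "dropped at network layer"
        state = self.conns.get((seg.dst_port, seg.src_ip, seg.src_port))
        if state is None:
            # RFC 793: a non-RST segment for a nonexistent connection draws a RST.
            return "discarded" if "RST" in seg.flags else "no such connection: RST sent"
        rcv_nxt, rcv_wnd = state
        # Sequence numbers are 32-bit and wrap, so compare modulo 2**32.
        if (seg.seq - rcv_nxt) % 2**32 >= rcv_wnd:
            return "out of receive window: not accepted"
        return "accepted by TCP"

def deliver(seg, stations):
    """The radio medium is shared: every station in range sees the frame."""
    return {s.name: s.receive(seg) for s in stations}

# Constructed sample data: documentation-range IPs and a locally administered MAC.
MAC, IP, WEB = "02:00:00:00:00:01", "192.0.2.10", "198.51.100.80"
customer = Station("customer", MAC, IP, {(40001, WEB, 80): (1000, 65535)})
clone = Station("clone", MAC, IP, {(51515, WEB, 80): (7000, 65535)})

reply_to_customer = Segment(MAC, IP, 40001, WEB, 80, seq=1000)
stale_segment = Segment(MAC, IP, 40001, WEB, 80, seq=1000 + 70000)

if __name__ == "__main__":
    for seg in (reply_to_customer, stale_segment):
        print(deliver(seg, [customer, clone]))
```

In this model both stations pass the link and network checks, and only the TCP connection table separates them; the RST the second station sends for a connection it does not own is visible on the wire and is one sign of a duplicated address.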

