RE: Re[2]: About War Driving ..

["David Gillett" <gillettdavid () fhda edu>]

  There are two basic problems with WEP as a security measure:

1.  It tries to deliver both authorization and confidentiality
at the same time via a single cryptographic mechanism.

2.  The implementation of that mechanism is broken.

  Until recently, it appeared that anyone who seriously wanted
to break into a WEPified wireless network only needed to capture
about 15 minutes worth of encrypted traffic to do so; some folks
assumed that they could secure WEP by simply(!) rotating keys faster
than that.
  More recent developments allow WEP to be broken/sidestepped in
virtually real time, especially if the objective is to get onto 
the network as opposed to reading the traffic of other users.

  The bottom line is that WEP is *exactly* equivalent to a "No
Trespassing" sign in the middle of nowhere.  It does nothing to
enforce the restriction; all it buys you is that if you catch a
trespasser, they can't plead that the trespass was an ignorant
accident.

David Gillett
 

> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com] On Behalf Of Paul Stone
> Sent: Wednesday, December 06, 2006 4:31 PM
> To: security-basics () securityfocus com
> Cc: listbounce () securityfocus com
> Subject: RE: Re[2]: About War Driving ..
>
> Yes, MAC addresses are VERY easy to spoof. If you need to 
> have a wireless network make sure its protected by so form of 
> protection (WEP) and have OUTSIDE of your private network.. 
> The worst would be internet access (bandwidth)
>
> My two cents.
>
>
> Paul Stone
>
>
>
> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com]
> On Behalf Of Roman Shirokov
> Sent: Tuesday, December 05, 2006 9:17 AM
> To: Ansgar -59cobalt- Wiechers
> Cc: security-basics () securityfocus com
> Subject: Re[2]: About War Driving ..
>
> Hello Ansgar,
>
> Saturday, December 2, 2006, 2:28:21 AM, you wrote:
>
> > On 2006-11-30 ralain () residentiel ca wrote:
> > > block his MAC address?
> > > Allow only your MAC address?
>
> > Pointless, because the MAC address can be easily sniffed as well as 
> > spoofed.
>
> > Regards
> > Ansgar Wiechers
>
> Easily sniffed - yes, easily spoofed - hm... I doubt. (also 
> not impossible for experienced cracker)
>
> -- 
>
> Best regards,
>
> Roman Shirokov
>
> e-mail:insecure () yandex ru
> http://securitybox.org.ru 
>
>
> --------------------------------------------------------------
> ----------
> ---
> This list is sponsored by: ByteCrusher
>
> Detect Malicious Web Content and Exploits in Real-Time.
> Anti-Virus engines can't detect unknown or new threats.
> LinkScanner can. Web surfing just became a whole lot safer.
>
> http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=s
> fmaildetec
> t
> --------------------------------------------------------------
> ----------
> ---
>
>
> --------------------------------------------------------------
> -------------
> This list is sponsored by: ByteCrusher
>
> Detect Malicious Web Content and Exploits in Real-Time.
> Anti-Virus engines can't detect unknown or new threats.
> LinkScanner can. Web surfing just became a whole lot safer.
>
> http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=s
> fmaildetect
> --------------------------------------------------------------
> -------------


---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------