Security Basics mailing list archives
RE: Re[2]: About War Driving ..
From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 7 Dec 2006 16:13:32 -0800
There are two basic problems with WEP as a security measure: 1. It tries to deliver both authorization and confidentiality at the same time via a single cryptographic mechanism. 2. The implementation of that mechanism is broken. Until recently, it appeared that anyone who seriously wanted to break into a WEPified wireless network only needed to capture about 15 minutes worth of encrypted traffic to do so; some folks assumed that they could secure WEP by simply(!) rotating keys faster than that. More recent developments allow WEP to be broken/sidestepped in virtually real time, especially if the objective is to get onto the network as opposed to reading the traffic of other users. The bottom line is that WEP is *exactly* equivalent to a "No Trespassing" sign in the middle of nowhere. It does nothing to enforce the restriction; all it buys you is that if you catch a trespasser, they can't plead that the trespass was an ignorant accident. David Gillett
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Paul Stone Sent: Wednesday, December 06, 2006 4:31 PM To: security-basics () securityfocus com Cc: listbounce () securityfocus com Subject: RE: Re[2]: About War Driving .. Yes, MAC addresses are VERY easy to spoof. If you need to have a wireless network make sure its protected by so form of protection (WEP) and have OUTSIDE of your private network.. The worst would be internet access (bandwidth) My two cents. Paul Stone -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Roman Shirokov Sent: Tuesday, December 05, 2006 9:17 AM To: Ansgar -59cobalt- Wiechers Cc: security-basics () securityfocus com Subject: Re[2]: About War Driving .. Hello Ansgar, Saturday, December 2, 2006, 2:28:21 AM, you wrote:On 2006-11-30 ralain () residentiel ca wrote:block his MAC address? Allow only your MAC address?Pointless, because the MAC address can be easily sniffed as well as spoofed.Regards Ansgar WiechersEasily sniffed - yes, easily spoofed - hm... I doubt. (also not impossible for experienced cracker) -- Best regards, Roman Shirokov e-mail:insecure () yandex ru http://securitybox.org.ru -------------------------------------------------------------- ---------- --- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=s fmaildetec t -------------------------------------------------------------- ---------- --- -------------------------------------------------------------- ------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=s fmaildetect -------------------------------------------------------------- -------------
--------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect ---------------------------------------------------------------------------
Current thread:
- Re: About War Driving .., (continued)
- Re: About War Driving .. Francois Yang (Dec 04)
- Re: Re: About War Driving .. s (Dec 04)
- Re: RE: About War Driving .. nratkevicius (Dec 04)
- Re: RE: About War Driving .. Francois Yang (Dec 06)
- RE: About War Driving .. David Gillett (Dec 06)
- Re: About War Driving .. Paul daSilva (Dec 04)
- Re: Re: About War Driving .. giles (Dec 04)
- RE: About War Driving .. Dan Bogda (Dec 04)
- Re: Re: About War Driving .. anone (Dec 04)
- RE: Re[2]: About War Driving .. Paul Stone (Dec 07)
- RE: Re[2]: About War Driving .. David Gillett (Dec 08)
- RE: Re[2]: About War Driving .. Murda Mcloud (Dec 08)
- Re: About War Driving .. krymson (Dec 08)
- Re: About War Driving .. Eric Furman (Dec 12)
- Re: About War Driving .. Francois Yang (Dec 12)
- RE: About War Driving .. David Gillett (Dec 12)
- Blue Lane PatchPoint Mark Brunner (Dec 13)
- Re: About War Driving .. Layne FInk (Dec 13)
- Re: About War Driving .. Eric Furman (Dec 12)
- Re: About War Driving .. Ansgar -59cobalt- Wiechers (Dec 14)