Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: About War Driving ..

From: joe henderson <joe.henderson1 () insightbb com>
Date: Fri, 23 Feb 2007 08:32:20 -0500
Ron Johnson - Adhost wrote:

Ok so other than restricting MAC addresses to only your machines and
having a WEP 128b enabled wireless network, what other measure could one
take to prevent this?



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Melissa
Sent: Tuesday, February 20, 2007 8:50 PM
To: security-basics () securityfocus com
Subject: RE: About War Driving ..

This might work... but if they can crack WEP chances are they can spoof
mac
addresses as well 
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On
Behalf Of nospam
Sent: Monday, February 19, 2007 3:18 PM
To: security-basics () securityfocus com
Subject: Re: About War Driving ..

How about blocking the MAC ADDRESS? of those two computers IPs?

most wireless routers have an allow/disallow MAC Filter




David Turnage wrote:


You could try nbtstat -A 192.168.1.246.  Netbios is turned on by

default

on a windows pc and if they don't have a firewall turned on this will
tell you the machine name and if it is a pc on a corporate domain or
not.  Sometimes people or corporations name their pcs with the
company_name1, or username.  It might give you a place to start

looking.

-----Original Message-----
From: listbounce () securityfocus com

[mailto:listbounce () securityfocus com]

On Behalf Of Jure Krasovic
Sent: Thursday, November 30, 2006 11:50 PM
To: gaurav saha
Cc: security-basics () securityfocus com
Subject: Re: About War Driving ..

gaurav saha pravi:
Hi , I was wondering if it is possible to locate and catch 
a guy who is connecting to our wep wireless network
and downloading stuff from torrents and using up our
bandwidth .. I checked up with arp scan and found 2 unknown IPs 192.168.1.246 and 247 Is there anyway of locating the guy in a building of 7 
floors and how to stop this ..I have tried changing
the Wep keys so . he is cracking the wep key.
Any Suggestion People ?
---gaurav





_______________________________________________________________________

_

____________

Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com



Did you think on rising up encryption to WPA... and may be use of

Radius

server for authentication. It would help a lot.


Regards!

         Jure




---------------------------------------------------------------------------
This list is sponsored by: BigFix
If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. 
http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------



Layer 2 encryption..

We use Airfotress..

http://www.fortresstech.com/products_services/products_af2100.asp
Yes.. You can see the frames.. however you cannot read the frames or the macs.. 

You can cause DoS by injecting "dissaccoc" frames to the ap.. However you
will never be able to see the data or hop on the network.

Yes.. This is DoD approved..






---------------------------------------------------------------------------
This list is sponsored by: BigFix
If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. 
http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: