Full Disclosure mailing list archives

Re: Wi-fi. Approaching customers


From: "Konstantin V. Gavrilenko" <mlists () arhont com>
Date: Wed, 16 Mar 2005 17:29:53 +0000

What great possibilities for remote DoS.
Just imagine what would happen to a finely tuned network when an attacker starts cloning the MAC addresses :)


--
Respectfully,
Konstantin V. Gavrilenko

Arhont Ltd - Information Security

web:    http://www.arhont.com
        http://www.wi-foo.com
e-mail: k.gavrilenko () arhont com

tel: +44 (0) 870 44 31337
fax: +44 (0) 117 969 0141

PGP: Key ID - 0x4F3608F7
PGP: Server - keyserver.pgp.com

Ryan Sumida wrote:

I am no Wi-Fi expert by any means but I will try to convey what they told me in layman's terms. Their product uses passive sensors that basically just listen for any kind of WiFi traffic. Using the signal strength, attenuation, and some other attributes, their algorithm creates an RF fingerprint for the location of a device. So as an example, if you are standing at your desk the RF fingerprint would look like this.

RF fingerprint for Device 1
Sensor1 #################
Sensor2 ######
Sensor3 ##########
Sensor4 ############################

As you physically move the device around the RF fingerprint changes. That's basically what they did to set up the device in our office. Once the room is calibrated, you can define the actions for each virtual zone through their management software.
Hope that helps some,

Ryan


"KF (Lists)" <kf_lists () digitalmunition com> wrote on 03/15/2005 04:35:27 PM:

 >
 > hrmm... is that based on signal strength or something?
 > -KF
 >
 > Ryan Sumida wrote:
 > >
 > > As a side note..
 > >
 > > Newbury Networks has a product called WiFi Watchdog that can allow/deny
 > > access based on physical location. As an example, it can be configured
 > > where anyone outside the building walls can not connect to the network
 > > but once they move inside the building they are allowed access. Sounds
 > > like black magic but it works (a rep came down and showed us a demo
 > > yesterday) and can help manage who gets on an open WiFi network like
 > > Matthew's.
 > >
 > > Ryan Sumida
 > > Network Services, CSU Long Beach
 > >
 > >
 > > full-disclosure-bounces () lists grok org uk wrote on 03/15/2005 01:27:43 PM:
 > >
 > >  >
 > >  > Matthew Sabin wrote:
 > >  >
 > >  > > My company has made a conscious decision to leave our WiFi open to
 > >  > > visitors, while our internal machines connect via IPSec on the open
 > >  > > airwaves.
 > >  > > A drive-by would show the open nature of our WiFi, but wouldn't
 > >  > > immediately tell you that we've secured our business fairly well.
 > >  >
 > >  > but what if someone uses your unsecured network to download copyrighted
 > >  > material (just mp3s are enough :->) or to send porn?
 > >  >
 > >  > An unsecured WiFi may have serious legal consequences.
 > >  >
 > >  > And to come back on the original topic: These legal consequences may be
 > >  > good arguments to convince customers that they need to get their network
 > >  > secured.
 > >  >
 > >  > Ciao
 > >  > Marcus
 > >  >
 > >  > --
 > >  > Hail Eris! Hail Discordia!
 > >  > _______________________________________________
 > >  > Full-Disclosure - We believe in it.
 > >  > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 > >  > Hosted and sponsored by Secunia - http://www.secunia.com/
 > >
 > >


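Added illustration, not part of the thread and not Newbury Networks' algorithm: a nearest-fingerprint zone classifier over per-sensor signal strength, as in the RF fingerprint description above, which also flags one MAC address that resolves to two zones within a short window, the cloning case raised in the reply. The calibration values, zone names, thresholds, policy and MAC addresses are constructed assumptions.

```python
import math

# Constructed calibration: mean RSSI (dBm) at sensors 1..4 for each zone.
CALIBRATION = {
    "office":      (-48, -71, -63, -40),
    "lobby":       (-66, -45, -58, -72),
    "parking_lot": (-85, -80, -88, -83),
}
POLICY = {"office": "allow", "lobby": "allow", "parking_lot": "deny"}  # assumed
MAX_DISTANCE = 15.0  # assumed: farther than this from every zone means unknown
WINDOW = 5           # assumed: seconds in which one radio cannot change zone

# Constructed observations: (timestamp, MAC, RSSI at sensors 1..4).
SAMPLE = [
    (100, "02:00:00:00:00:01", (-49, -70, -64, -41)),  # near "office"
    (102, "02:00:00:00:00:01", (-84, -81, -87, -82)),  # same MAC, "parking_lot"
    (103, "02:00:00:00:00:02", (-65, -46, -57, -73)),  # near "lobby"
]


def classify(rssi):
    """Return the calibrated zone with the nearest fingerprint, or None."""
    zone, dist = min(((z, math.dist(rssi, ref)) for z, ref in CALIBRATION.items()),
                     key=lambda item: item[1])
    return zone if dist <= MAX_DISTANCE else None


def decide(rssi):
    """Fail closed: a fingerprint matching no calibrated zone is denied."""
    return POLICY.get(classify(rssi), "deny")


def find_cloned_macs(observations):
    """Flag a MAC whose frames map to two different zones within WINDOW seconds."""
    last_seen, flagged = {}, set()
    for ts, mac, rssi in sorted(observations):
        zone = classify(rssi)
        if zone is None:
            continue
        prev = last_seen.get(mac)
        if prev and prev[1] != zone and ts - prev[0] <= WINDOW:
            flagged.add(mac)
        last_seen[mac] = (ts, zone)
    return flagged
```

A duplicate MAC is flagged only when the two radios resolve to different calibrated zones; the access decision itself is keyed on the fingerprint, not on the MAC.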

