nanog mailing list archives

Re: Wifi Security

From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Mon, 21 Nov 2005 15:47:23 +0000 (GMT)


On Mon, 21 Nov 2005, Niels Bakker wrote:

* steve () telecomplete co uk (Stephen J. Wilcox) [Mon 21 Nov 2005, 16:07 CET]:

On Mon, 21 Nov 2005, Patrick W. Gilmore wrote:

Why would you even need to set up an AP?  Why not just sit and sniff
traffic?  Gets you the _exact_ same information.

man in the middle is easier if you are the gateway, no need to steal arp


It's *wireless*!  You can just sit and sniff traffic, no need to play 
ARP games to redirect traffic to you.


i was more thinking in terms of breaking into encrypted sessions by spoofing the 
server and client

heres some fun, next time you're at nanog or your favourite geek conference,
just run 'tcpdump -w - -s1500 -nn|strings|grep -i password' and be prepared
to hit scroll lock ;)


I've visited conferences where the wireless LAN was deemed "secure" by the
organisation because they had outlawed sniffers.


hehe :)

Steve

Current thread:

Wifi Security Ross Hosman (Nov 21)
- Re: Wifi Security Patrick W. Gilmore (Nov 21)
  - Re: Wifi Security Ross Hosman (Nov 21)
  - Re: Wifi Security Stephen J. Wilcox (Nov 21)
    - Re: Wifi Security Niels Bakker (Nov 21)
    - Re: Wifi Security Christian Kuhtz (Nov 21)
    - Re: Wifi Security Christopher L. Morrow (Nov 21)
    - Re: Wifi Security Ross Hosman (Nov 21)
    - Re: Wifi Security Stephen J. Wilcox (Nov 21)
    - Re: Wifi Security Joel Jaeggli (Nov 21)
    - Re: Wifi Security Niels Bakker (Nov 21)
    - Re: Wifi Security Randy Bush (Nov 21)
    - Re: Wifi Security Jim Popovitch (Nov 21)
    - Re: Wifi Security Joel Jaeggli (Nov 21)
    - Re: Wifi Security william(at)elan.net (Nov 21)
    - Re: Wifi Security Stephen J. Wilcox (Nov 21)
    - Re: Wifi Security Steven M. Bellovin (Nov 21)
    - Re: Wifi Security Joel Jaeggli (Nov 21)
    - Re: Wifi Security Stephen J. Wilcox (Nov 21)

(Thread continues...)