nanog mailing list archives

Re: Wifi Security

From: Randy Bush <randy () psg com>
Date: Mon, 21 Nov 2005 09:11:13 -1000

As others pointed out (to me as well), for a _man in the middle_ attack 
(e.g. impersonating www.paypal.com) it is necessary to play ARP games or 
otherwise insert yourself in the flow of traffic.


not really.  you just need to be there first with a bogus, redirecting,
dns response.

randy

Current thread:

Re: Wifi Security, (continued)
- Re: Wifi Security Patrick W. Gilmore (Nov 21)
  - Re: Wifi Security Ross Hosman (Nov 21)
  - Re: Wifi Security Stephen J. Wilcox (Nov 21)
    - Re: Wifi Security Niels Bakker (Nov 21)
    - Re: Wifi Security Christian Kuhtz (Nov 21)
    - Re: Wifi Security Christopher L. Morrow (Nov 21)
    - Re: Wifi Security Ross Hosman (Nov 21)
    - Re: Wifi Security Stephen J. Wilcox (Nov 21)
    - Re: Wifi Security Joel Jaeggli (Nov 21)
    - Re: Wifi Security Niels Bakker (Nov 21)
    - Re: Wifi Security Randy Bush (Nov 21)
    - Re: Wifi Security Jim Popovitch (Nov 21)
    - Re: Wifi Security Joel Jaeggli (Nov 21)
    - Re: Wifi Security william(at)elan.net (Nov 21)
    - Re: Wifi Security Stephen J. Wilcox (Nov 21)
    - Re: Wifi Security Steven M. Bellovin (Nov 21)
    - Re: Wifi Security Joel Jaeggli (Nov 21)
    - Re: Wifi Security Stephen J. Wilcox (Nov 21)
    - Re: Wifi Security Joel Jaeggli (Nov 21)
    - Re: Wifi Security Steven M. Bellovin (Nov 21)
    - Re: Wifi Security Jeffrey I. Schiller (Nov 21)

(Thread continues...)