Penetration Testing mailing list archives
Re: [PEN-TEST] Penetrating Wireless Networks
From: Ichinin <ichinin () swipnet se>
Date: Mon, 12 Mar 2001 08:14:01 +0100
Hi again. Phil Cox wrote:
To be perfectly clear, are you saying that you see the 802.11 traffic on the frequency channel you are listening on (on the system running tcpdump), *or* that tcpdump is showing you all the packets that the Access Point is sending back to it (which is most traffic, as it is a broadcast medium). There is a significant difference in my mind, as in the former, you see beaconing traffic and other 802.11 stuff, while in the latter you only see the Ethernet and IP traffic. If you do mean the former, please describe your tool set and system configuration, because I have only seen the latter in non-commercial tools (i.e. Linux and tcpdump)
No, I was just referring to that it is an ordinary network with its pros and cons (known plaintext (headers), traffic analysing etc). I also remember that FH isn't done these days, only Direct Sequence which only changes frequency if a collision is detected.
You are kidding right?
About WEP being a bad design? Nope. IIRC - even the group who developed it knew it had flaws; it was not meant to be used for long.
If not, then what perfect solution do you propose?
Anything with a properly implemented key exchange protocol. (IPSec, SSL or whatever is better.)
Remember that in many cases (all?) the hopping information is also in packets passing through the air, so a piece of code that could examine those packets could be built to "follow the trail".
Are you sure? (Do you have any docs I could read about this?) Anyway - I was thinking about the low number of jumping patterns, besides, hooking up hardware to listen in on all ~83 channels at once is not too expensive for even a small firm or even a private person; it's just a technological limitation (i.e. some bright person with too much spare time on his/her hands).
Regards, Glenn
[We're way off the penetration testing trail now... Apologies to the moderator]