Re: WLAN Security FAQ

[quentyn () fotango com]

> Client to Client Attacks
>
> Two wireless clients can talk directly to each other by-passing the base
> station.  Because of this, each client must protect itself from other
> clients.
>
> Filesharing and other TCP/IP service attacks
>
> If a wireless client, like a laptop or desktop, is running TCP/IP services
> like a web server or file sharing, an attacker can exploit any
> misconfigurations or vulnerabilities with another client.

Good FAQ

Something you may want to add to this Doc is that whilst on most laptops
it is easy to see that there is a wlan card in it (they generally stick
out of the pcmcia slot quite a way) some laptops come with internal
cards that the user may or may not be aware of. Some recent MAC laptops
have the facility to have an internal wlan card as do (I believe) some
dell's. These could be misconfigured to allow peer to peer out of the
box. Does anyone have any info on this ? It *appears* that using 
airport cards in mac OS X you have to specifically turn on peer to peer,
though I am no mac expert.


Q


-- 
#####################
Quentyn Taylor
Sysadmin - Fotango.com
#####################
"Let's face it, if you have leprosy, you can't be casual about watching
for new injuries." 
   Mike Sphar, on Microsoft and anti-virus alerts.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/