Penetration Testing mailing list archives
Re: WLAN Security FAQ
From: quentyn () fotango com
Date: Wed, 10 Oct 2001 09:58:13 +0100
Client to Client Attacks Two wireless clients can talk directly to each other by-passing the base station. Because of this, each client must protect itself from other clients. Filesharing and other TCP/IP service attacks If a wireless client, like a laptop or desktop, is running TCP/IP services like a web server or file sharing, an attacker can exploit any misconfigurations or vulnerabilities with another client.
Good FAQ Something you may want to add to this Doc is that whilst on most laptops it is easy to see that there is a wlan card in it (they generally stick out of the pcmcia slot quite a way) some laptops come with internal cards that the user may or may not be aware of. Some recent MAC laptops have the facility to have an internal wlan card as do (I believe) some dell's. These could be misconfigured to allow peer to peer out of the box. Does anyone have any info on this ? It *appears* that using airport cards in mac OS X you have to specifically turn on peer to peer, though I am no mac expert. Q -- ##################### Quentyn Taylor Sysadmin - Fotango.com ##################### "Let's face it, if you have leprosy, you can't be casual about watching for new injuries." Mike Sphar, on Microsoft and anti-virus alerts. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- WLAN Security FAQ Klaus, Chris (ISSAtlanta) (Oct 09)
- Re: WLAN Security FAQ quentyn (Oct 10)
- <Possible follow-ups>
- RE: WLAN Security FAQ Klaus, Chris (ISSAtlanta) (Oct 10)
- RE: WLAN Security FAQ Lodin, Steven {GZ-Q~Mannheim} (Oct 11)