Penetration Testing mailing list archives
RE: WLAN Security FAQ
From: "Klaus, Chris (ISSAtlanta)" <CKlaus () iss net>
Date: Wed, 10 Oct 2001 11:25:25 -0400
Good FAQ Something you may want to add to this Doc is that whilst on most laptops it is easy to see that there is a wlan card in it (they generally stick out of the pcmcia slot quite a way) some laptops come with internal cards that the user may or may not be aware of. Some recent MAC laptops have the facility to have an internal wlan card as do (I believe) some dell's. These could be misconfigured to allow peer to peer out of the box. Does anyone have any info on this ? It *appears* that using airport cards in mac OS X you have to specifically turn on peer to peer, though I am no mac expert.
Both HP and Dell have announced that their laptop lines will start to carry 802.11b technology built into them. With Windows XP adding more native support for 802.11b, it'll be interesting to see how the laptops are configured by default. Historically, the default would be that the 802.11b is enabled and running. As part of dealing with all the major security issues, Microsoft has announced in future releases of their product lines, they are changing the default for their product packages to be installed in "secure" mode, so that out of the box, most services and functionality is turned off by default, and the user must specifically turn on various functionality and capability. Maybe this will carry over to 802.11b and wireless technology. On the topic of antennas, I added a section in the FAQ: Because the intruder must be within range of the signal, a properly selected and positioned antenna within a building can minimize how far the signal can reach and therefore reduce leakage and interception. For selecting different antenna designs for appropriate signal reception, here is an article on wireless antennas: Antennas Enhance WLAN Security in Byte Magazine, October 2001. http://www.byte.com/documents/s=1422/byt20010926s0002/1001_marshall.html Additionally, ISS has put the Wireless LAN Security FAQ on the web at: http://www.iss.net/wireless/WLAN_FAQ.php I've beefed up the index and made it easier to cross-reference to the specific questions one might have.
Q -- ##################### Quentyn Taylor Sysadmin - Fotango.com ##################### "Let's face it, if you have leprosy, you can't be casual about watching for new injuries." Mike Sphar, on Microsoft and anti-virus alerts.
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- WLAN Security FAQ Klaus, Chris (ISSAtlanta) (Oct 09)
- Re: WLAN Security FAQ quentyn (Oct 10)
- <Possible follow-ups>
- RE: WLAN Security FAQ Klaus, Chris (ISSAtlanta) (Oct 10)
- RE: WLAN Security FAQ Lodin, Steven {GZ-Q~Mannheim} (Oct 11)