Secure your 802.11b
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Secure your 802.11b

  1. #1
    IT Specialist Ghost_25inf's Avatar
    Join Date
    Sep 2001
    Location
    Michigan
    Posts
    648

    Secure your 802.11b

    IEEE 802.11 and its derived wireless LAN technologies are probably the most often used networking technology for constructing your wireless LAN. The technology uses DSSS ( Direct Sequence Spread Spectrum ) to generate the bitstreams to be transferred in the 2.45-GHz ISM band with a speed up to 11 Mbps.
    There are two types of attacks. One is simply use of the broadcasting property of wireless technology to further penetrate a random wireless LAN. The 2nd is related to the vulnerabilities in the WEP ( wired Equivalent Privacy).

    War driving or the so called parking-lot attack is the most trivial method used today. Tools used are a laptop, a wireless card, an extention attenna, and programs like AiroPeek and Sniffer Wireless. The first step in sniffing for the service set idenifier ( SSID ). Useing the SSID to gain access to the wireless LAN possibly through a DHCP-assigned IP address. useing restrictions to only certain MAC addresses is not enough, for addresses can be spoofed.

    Standard access control mechanisms (such as SSID and MAC address restrictions) still need to be adopted, but to futher protect your corp. an internal firewall and security protocol like IPSec should be implemented.

    WEP Countermeasure
    Dont wait for a revised WEP specification to be completed and implemented by your wireless vendor. Deploy any of the following technologies to combat the potential WEP brute force attack: VPN, IPSec, SSL, SSH, and Kerberos. Port based network access control will be used to help, if not to substitute for, WEP in a wireless network authentication and authorization mechanisms in the future.

    If you have anything to add to this post feel free links would be nice to see too.
    Books for futher research inlcude 802.11 wireless security, Microsoft w2k pro, and hacking exposed. also check with the pringles company. LOL
    S25vd2xlZGdlIGlzIHBvd2VyIQ

  2. #2
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    Augh, Wireless cant be secure (IMO) There will always be some hacker or a kiddie who has found or come across an exploit for 802.11, Just search the forums Ive made a thread on this subject before

  3. #3
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    I have been researching the Security of Wireless technology for some time now. Initially I believed that it was totally insecure, and will never be secured to my liking.

    I have said this in a previous post, that basically 99% of the problems/vulnerabilities with WEP is because the encryption keys are static. By installing a Kerberos server to do the Authentication/Encryption, you can make the WEP keys dynamic, set to a custom expiry (ie. 2 mins). You could also use RADIUS authentication, which would be pretty good.

    I recently read an article regarding the US Armys secure release of 85,000 Wireless clients:

    http://www.fcw.com/fcw/articles/2002...t-03-12-02.asp

    It uses a Wireless Security Package called AirFortress. It can utilise either 168bit 3DES, or 128bit AES. (Dont know much about AES, but if anyone does, Id love to know). It also does MAC filtering etc...

    I can go into a hell of a lot more security countermeasures, but I would be here for days. If anyone would like to know anything about securing a Wireless network, let me know.
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  4. #4
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Location
    Superior, WI USA
    Posts
    628

    Post Some Info

    AiroPeek
    AirSnort
    WEPCrack

    Just some info on wireless comms...

    Ouroboros

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    371
    SoggyBottom.

    [glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]

  6. #6
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Posts
    1,211
    Lazy admins are the cause of most 802.11b Security problems.
    Its not software piracy. Iím just making multiple off site backups.

  7. #7
    Senior Member
    Join Date
    Aug 2001
    Posts
    410
    Well what do ya know. Came across this article today at iwar.org.uk
    http://www.ledger-enquirer.com/mld/l...ws/2925664.htm

    Posted on Sun, Mar. 24, 2002



    Drive-by hackers hunt free, easy Web access
    By Reid Kanaley
    Inquirer Staff Writer

    Russell Handorf was in a no-parking zone, but so
    what? His laptop computer, propped against the steering wheel, had his full attention.

    Handorf was probing the wireless-computer networks humming around Center City, trying to sneak his way online.

    "I'm on the Internet," he finally proclaimed on this recent afternoon. "Whaddya know. . . . This is a fast connection, too."

    Utilizing the credit-card-size wireless adapter plugged into the side of his laptop, Handorf, 22, of the city's Queen Village section, had gotten onto the Net by tapping into the computer system of an unsuspecting business among the nearby office towers.
    savIRC :: The Multi-Platform IRC Client v. 1.8 [Released 9.04.02]

  8. #8
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    An interesting document I found on wireless security.
    OpenBSD - The proactively secure operating system.

  9. #9
    Junior Member
    Join Date
    Mar 2002
    Posts
    6
    This reminded me of some news in computer world magazine talking about companies that have already adopted wireless tech. And SECURITY MEASURES!!!

    "...And Lange says he's just as worried about a saboteur somehow entering a BMW plant and throwing a small $50 radio-jamming device under a cabinet, rendering the wireless access points on the 2.4-GHz network useless. It might take hours of downtime to find such a device, he says...."
    For more read: http://www.computerworld.com/storyba...O69444,00.html

  10. #10
    Banned
    Join Date
    Sep 2001
    Posts
    853
    http://www.vnunet.com/News/1130542

    hehe funnny stuff to do with a 802.11 network
    RiOtEr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •