802.11b security
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: 802.11b security

  1. #1
    Junior Member
    Join Date
    Mar 2002
    Posts
    6

    802.11b security

    Is there a way to tell if someone is war driving in my network area? Would it be safe to assume the I would see their name come up as available wireless networks on my system?
    I understand most of the other security conceps but am unsure if an attacker could remain invisable and still access a remote network.
    Thanks,
    z

  2. #2
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    Yes. There is. It's MAC address would show up.

    If you use the same brand hardware then the Mac addresses should have the same UID (manufacturers number, the first six(?) numbers in the MAC address).
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  3. #3
    Junior Member
    Join Date
    Mar 2002
    Posts
    6
    So would it be safe to say if nothing shows up on the list of available networks nobody is accesing mine?
    Thanks,
    Z

  4. #4
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    Pretty much. If you see no errant MAC addresses then you are good to go.

    Depending on the wireless product you hcose you should be able to lock it down so it only accepts MAC addresses that you assign it. In other words if the MAC address that tries to connect is not one you assigned it will not give it access. Keep in mind you are still open to MAC address spoofing but it makes it much more difficult to do so since they(war drivers) have no idea of what MAC addresses are allowed.

    Hope this helps.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  5. #5
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Actually, with some of the newer war driving software, the war driver doesn't show up at all. It doesn't actually send any messages, just listens. Kinda like installing a sniffer.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  6. #6
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    Well a sniffer is something completely different. That's why with wireless you should always use a VPN.

    Take our setup for instance. We have a DSL connection to the internet, All wireless users have Internet access to start, but if they want to acces the corporate net they must install the VPN client to tunnel back through tthe internet to our VPN gate. Of course I'm simplifying ever so slightly but you get the jist of the concept.

    Always treat wireless as suspect, never trust it.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  7. #7
    Member
    Join Date
    Oct 2001
    Posts
    72
    Not really the place but I can't seem to find this info. Which is faster for a web server? SDSL? ADSL? Cable? is it worth it to get T1? How much does that cost?
    What do you mean you don\'t have a backup disk?

  8. #8
    Banned
    Join Date
    Apr 2002
    Posts
    69
    Does anyone have some good reading on using and securing 802.11b? I'd like to learn more about it and haven't had luck finding any good articles that really explain the thing.

  9. #9
    Junior Member
    Join Date
    Mar 2002
    Posts
    23
    You could try this link to get you started. TI has some interesting whitepapers, but they require you to register to get access to them.

    http://techupdate.zdnet.com/techupdate/filters/specialreport/0,14622,6022247,00.html

    Lots of commentary there, but if you look, there's typically links to references and/or outside sources.

    Here's a link to the whitepaper's section:

    http://researchcenter.zdnet.com/data...s_10_34_4_2_np

    As was said earlier, one of the better ways to secure a Wlan is to utilise WVPN's.

    edit: Oops, forgot to post the ling to the TI whitepapers I mentioned:

    http://focus.ti.com/docs/apps/catalo...igationId=5245

    -Aryoche

  10. #10
    Senior Member
    Join Date
    Apr 2002
    Posts
    712
    Originally posted here by PastyPyro
    Does anyone have some good reading on using and securing 802.11b? I'd like to learn more about it and haven't had luck finding any good articles that really explain the thing.
    Very, very basically... you should sandbox the WAP from the rest of your network and "secure" it with an ESSID and some sort of encryption key (this key should also be changed VERY regularly - it's not as tough to break in to them as most wireless manufacturers and/or vendors would like you to believe).

    Lastly, and this is easily one of the most important pieces , no access should be allowed from that sandboxed WAP off on to any other portion of the network (including the sandboxed area) that doesn't come across a good VPN (preferably one with manually exchanged client-side/server-side certificates). I'd equate any "touchdown" area for a wireless network to any other DMZ, except even less secure.
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •