Catching up on this month's FW Wiz... semi-intriguing...

Wireless Vendor Woes and Shame by Ron DuFresne

(and yes, the pringles can thing is in there... LOL)


Alan pointed out the severity of the "problem" in just our local area by
mapping out not only many private home wireless deployments, also
various corporate ones as well as some local government AP's <wireless
access points>, many without even WEP enabled, but found at least one
highly visible federal government contractor with a wireless AP deployed,
again, *without* even WEP enabled![1] This even after the 9/11 attacks
and recent supposed focus upon security.

Of course, even with WEP enabled, the way the 802.11b protocol is setup
and the fact that it's spewed into the airwaves means that valuable
network information is leaked in just the management packets. SSID's, IP
address info, and more can be gleaned from only management packets.
There is no protection from passive sniffing of these packets due to
network segmenting and the concept is pretty much not applicable to
wireless Ethernet transmissions. Additionally, neither speaker mentioned
there are known weaknesses in the SNMP implementations of many of these
devices subjecting them to further exploit wireless networks via less
passive intrusion and DDOS attempts.