October 28th, 2002, 01:28 PM
Why hax0rs don't care about 802.11
Experts at war driving -- scanning communities for the existence of wireless networks that can be tapped -- routinely exchange location secrets and sniffing tips over the Web, the way gamers trade strategies for reaching new levels.
yeah, I\'m gonna need that by friday...
October 28th, 2002, 02:28 PM
I would imagine that with the proliferation of wireless devices, the bandwidth involved in a wireless network might be hindered by interference. How do they protect against such things, and if a hacker were to tap into a wireless network, would that give him access to the person's high speed internet connection? because that would be sweet. I think that hijacking a person's highspeed wireless network is more of a "kid-next-door" type of hack than a evil-genius-hax0r type hack.. I know if my neighbor could free from 56k hell then i'd certainly look at the situation with some degree of interest.
:q :q! :wq :w :w! :wq! :quit :quit! :help help helpquit quit quithelp :quitplease :quitnow :leave :**** ^X^C ^C ^D ^Z ^Q QUITDAMMIT ^[:wq GCS,M);d@;p;c++;l++;u ++ ;e+ ;m++(---) ;s+/+ ;n- ;h* ;f+(--) ;!g ;w+(-) ;t- ;r+(-) ;y+(**)
October 28th, 2002, 02:45 PM
Wireless ... the stories I can tell
My firm places a lot of wireless LAN & WAN ...
It is very easy to hijack a wireless access line , giving that there is no encryption involved (but I imagine that the better hackers can circomvent this as well) ... you can even drive around with your portable through a place where there are a lot of officebuildings , and see if you can connect to an accesspoint , I've tried this (fo my job , before I get labeled a hacker ;-) ) and it works ... then all you have to do is try to crack the encryption (all I say ... but you know what I mean)..when you hijack this line you get FULL access to the LAN .
It's even easier when they use DHCP ..so you don't need to set a fixed IP or anything.
I can go on for a while but I think you get the picture here,
Back when I was a boy, we carved our own IC's out of wood.
October 28th, 2002, 04:52 PM
Unfortunatly i agree with Cemetric, the wep standard is too weak, the key size of off 32 if i remember right and after sniffing a while a simple stat anal gives you the right key ....
There are ways to go around the wep using acls, no dhcp, level 2 addressing, static routing .... .... harder to set up and not unbreakable at all.
The oproblme still reside upon the 2 computers agreeing on en encoding scheme and exchanging / renewing the public key fast enough....
Cisco came up with a radius server behind an AP but ....
assembly.... digital dna ?
October 28th, 2002, 05:07 PM
Over the weekend was supposivley a war driving maraton going on in multiple countries. I think some security companies were interested in using it as a selling point. The WSJ carried a story last week somewhere between Wednesday and Friday and a local TV news program spoke of what you can do to make yourself more secure briefly (>15 seconds) this morning. I think most of the war drivers intended to inform the companies that they were valunerable but I'm not sure and there might have been some bad apples.
Sorry I couldn't be more specific of the WSJ story date -but I only glanced at last week
If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke
October 28th, 2002, 06:10 PM
I know this ain't much help, but I believe about 6 months ago jared_c had a thread about using a pringle can to detect wireless networks. I hear that law enforcement is using this technique.
October 28th, 2002, 08:09 PM
A pringle can...can you tell me more about it .. cuzz well ..I've got imagination but this..stretches it a bit or am I barking on the wrong tree here with that pringle can??
Back when I was a boy, we carved our own IC's out of wood.
October 28th, 2002, 08:28 PM
The pringle can is lined with a reflective material and can be used to direct a signal from your wcard to an office building, home, store, etc. Wireless networks are a problem just waiting to happen. I'm waiting for the day when some group decides to build a zombie, install it on multiple computers (hundreds), and runs a ddos from them. Its a known fact that most wireless networks have a dedicated highspeed line and can be very easily used in this type of attack. Just give it time, it will happen. When it does happen people are going to turn around and blame all the wireless companies for marketing such an insecure product. And once again they will point their fingers at the IT community claiming that we should have informed the world of this problem. *sigh* </rant>
I just hope that these wi-fi companies build in better security in the future, because their products are one hell of a security hole.
October 28th, 2002, 09:02 PM
That's why UWB should replace the 802.11.
Alternate realities celebrate reality. If you cant handle the reality your in, then you wont be able to handle the one your attempting to escape to.
October 28th, 2002, 09:32 PM
I am of the opinion that, although breaking into a Wireless Network is as easy as falling off a chair, it still poses an enormous threat to a companies security.
Companies spend millions upon millions on security infrastructure like VPNs, Firewalls (usually multi-tiered), Routers, IDS .... the list goes on. And all that is required to circumvent all this is one misconfigured access point on the internal network.
I agree, that l33t h@x0r5 may avoid this type on hack method due to its simplicity, but what about disgruntled employees, malicious competitors etc...?? These profiles are the real ones that you have to worry about.
[glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]