Page 2 of 5 FirstFirst 1234 ... LastLast
Results 11 to 20 of 42

Thread: Stealing Wireless network access

  1. #11
    Senior Member
    Join Date
    Jul 2001
    Posts
    461
    Networker,

    There are several ways to make wireless more secure. If you use a radius server for authentication you have several options for increased security. EAP/TLS(client and server have X.509 certificaate, allows secure authentication) EAP/TTLS(only server has X.509 certificate, a bit easier to setup and maintain, also allows secure authentication), PEAP(cisco, server certificates.).

    for more info, check these links

    http://arstechnica.com/paedia/w/wire...ecurity-1.html
    http://www.oreillynet.com/pub/a/wire...0/17/peap.html

  2. #12
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Networker: In all practical terms WAP's cannot really be secured at the moment.

    What I refer to when I talk about "securing" them is setting it up so that a casual passer-by cannot just connect and see your traffic. To do that simple things like changing the ssid from the default, turning off DHCP, applying MAC filtering and WEP will keep the _casual_ observer at bay. Will this stop a determined cracker? No..... But you don't have a _public_ assess point any more.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #13
    Would not accesseing another network without permision or the other party knowing be wrong? It is so easy to exploit the meek and unknowing. But does that make it right? Lets study ethics for a sec. there is a school of thought that say one should act to better the common good. now my take on that is slightly darwin like. would it be better to teach that person how to secure their network? or to just exploit them? I say teach them. that way in the future we wont have so many idiot walking around.
    God save the President and his fascist regime!



  4. #14
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    MrBert: What exactly do you call exploitation?

    How will you know that the person setting up an access point didn't deliberately leave it public. Heck, it might even be a HoneyWAP, (something I am considering setting up at my home though I'm not sure that the area is conducive to people trying to "hop on"). Even if it is one of the unknowing's WAPs and I simply use some bandwidth that probably isn't being used at that time by him/her I do not consider that to be "exploitation". To me the word means "treating someone or their property in a way that profits me to the detriment of them". Yes, with WAP piggy-backing I "profit".... But I don't see the detriment. Of course, if I set up a warez site through their WAP and ate all their bandwidth so they noticed a difference then detriment occurred and I would be exploiting them.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #15
    well they are then paying for your access to the internet. That would be the cost that and whatever bandwith you use. it is like splitting the cable tv line of line. you do not pay for cable but someone does weither it be the person down the street or the cable co. do you not think that you should pay for these services? If you say no then you might just be socialist. That is ok too. but keep in mind that in most of the world it is capitilist wher money is the means and if you do not pay you could get in trouble by the corprate police(us gov.).
    God save the President and his fascist regime!



  6. #16
    There is already a WiFi honeypot thats been made some time ago it works like a normal honeypot only with fake wireless AP. Read a little bit about it here in this URL: http://www.securityfocus.com/news/552

    I found it interesting
    and since were talking about wireless I thought I would share it.

  7. #17
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    MrBert:

    Ok...... You met the Genie.... You know... the one that gives you 3 wishes.......

    You, being the smart chap you are make sure that you ask for a bottle of beer that will always be full, cold and fresh..... (My kind of man...... ) Then, along come I and feel a tad thirsty. I slide a straw in down the neck of the bottle alongside your and take a nice big gulp. Since the bottle stays full you don't even notice me doing it. Have I exploited you? I haven't cost you a cent, I have not affected you detrimentally in any way, in fact I was so sneaky you didn't even notice me..... Where's the harm?

    Let's change that slightly..... You _paid_ the Genie $100 for the bottle..... same circumstances.... where's the harm? It's the same with a high speed connection connected to a WAP. If I am careful about the bandwidth I use to be sure that I do not detrimentally affect you where is the harm? You paid for 24/7 high speed access and you use 1-2 hours per day..... Heck, looking at it logically I'm helping you to get your money's worth......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  8. #18
    That is acting for the common good of the people. I would say it is ok. But my ethics are differnt that the law sometimes. not to say i go out and break the law.

    Back to your genie thing if the genie charges you 100 a month and i am cool with paying for it and don care how many straws are in my bottle. But the genies might be getting mad at me cause i am drinking more than one person can drink and he is having trouble making al the beer at the genie brewery

    so the genie get paid by 5 people a month 500 total. but the genie needs to pay 800 in total upkeep. the genie is not going to be giving out beer anymore.
    God save the President and his fascist regime!



  9. #19
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    MrBert: The Genies sold me guaranteed 24/7 high speed, always on internet connectivity. Can the Genies now get mad if I tell my computer to run a loop to continuously d/l a 10mb file 24/7? IMO, the genies need to shut up if they feel like getting pissy - the law says they are supposed to provide what they advertize and failure to do so means consequences.

    Remember too..... The bandwidth is capped at the cable modem..... Available bandwidth is considerably higher than what you actually get. They have a law passed making it illegal to uncap the bandwidth yourself so they are really on soft ground if they complain because I use everything I am paying them for...... And if I, personally, do not use it all and have a public access point out there, is it really a problem if someone else helps me?

    There are two stances in this world. The stance that says "Do only good, break no laws etc. etc. etc." and then there's reality with all it's grey areas. I prefer reality....'cos it's real.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  10. #20
    Dead Man Walking
    Join Date
    Jan 2003
    Posts
    810
    i dont know how it is in all area's but where i live the cable provider wants you to pay an extra $5 a month for every computer on the service after the first one. so if i have 4 computers hooked into cable internet in theory it should cost me $15 over and above the normal monthly charges. Each computer is assinged its own ip addy. now MANY people i know get around this by using a router instead of a hub or switch. it sounds to me like this is the exact same thing with diffrent hardware.
    One point to look at is this. okay say some "haxor" sets himself up a nice free cable connection through the use of WAP. he then proceedes to do all sorts of mean and nasty things. Then the FBI come looking for him and all they find is his next door neighbor who's biggest crime is looking at a little porn when his wife isnt looking. But the feds dont know that its not him. all they know is that the signal's were traced back to his home network. Even if they get it all sorted out and any charges dropped the guy still has been damaged by even having to deal with it.
    but hey nobody gets hurt when people do this right????????

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •