December 30th, 2003, 06:35 PM
Packet sniffer and Wireless networks
I just want to know if I understand some things right.
1st : A packet sniffer can be used on an "entire" ethernet network because all the computers receives all packets (if they are on the same network), even if the packets are not for them? (It's the "promiscuous mode" of the ethernet card)
2nd : some wireless network are not password protected and allow anonymous users to log in. So you could log in such networks and packet sniff all the network too?
I guess that those kind of network use some kind of encryption packet or something?
Here are some answers I found by searching.. Some other inputs by experimented (or not) users would be appreciated
Is it secure?
In order to facilitate access to the AirSpot Wi-Fi Hotspot, most security options are disabled. While no AirSpot user can connect to any other AirSpot user directly, a malicious user can spy on what traffic is passing through.
You may see literature saying that the 802.11b standard includes provisions for optional 40- or 128-bit link-level encryption over the air, however, current implementations require the encryption key to be shared by all users of the wireless LAN, effectively eliminating the usefulness of this security feature in an open-access environment.
In short, it is no more and no less secure than a regular internet connection, and should be dealt with as such.
3) Is that possible (I'm not asking how) to sniff a wireless network without being logged onto it? I guess that's the point of the encryption in my quote.
4) I'm not sure about the security with wireless networks. You could go into a parking lot of a company at 3 am (when nobody is there for checking the network), you just check for lights (to see if a network admin would be there or something) and if there is nothing, you are free to try whatever you want with the network. Try to break in etc.. Isn't it the hacker's paradise here? Or maybe I'm missing something? :|
Simply find the SSID for the network, configure your WLAN card to use that SSID with no WEP encryption and to use dynamic addresses, and voila, you are now on the network. You can surf the Internet, scan the internal network, print to their printers, and so on. It can be that simple.
I'm scared... What will it happen when our refrigirators and cars will be hooked up on the Net with wireless devices? "Someone hacked my butter!", "My cars is talking to me". ok ok, not funny.
Here is another interesting link : How to build an antenna for like 5 bucks, with a pringles can : http://www.oreillynet.com/cs/weblog/view/wlg/448