Worldwide War Drive
Results 1 to 9 of 9

Thread: Worldwide War Drive

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Worldwide War Drive

    Wireless security has always been somewhat of an oxymoron. Upon visiting CNN today I found this article on the issue of wardriving. It's interesting to see that there is a whole site dedicated to and encouraging those to do wardriving. You can visit Worldwide War Drive for more details and tools. What is worthwhile checking is the changes in statistics from the first WWD to the most recent ones. While people are using WEP they are leaving other things at default. It makes me think there is a false sense of security with WEP enabled and the fact that people are using it.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    Senior Member
    Join Date
    Mar 2004
    Posts
    510
    I found this line interesting.

    "And once a bad guy finds your box, he will then follow the permissions of that laptop. And that means once he gets into your computer via your wireless router, when you plug that computer back into a VPN, tunneling back into your corporate environment, your taking the bad guy with you."

    The most common response when you tell someone to increase their wireless security "What do I care is someone uses my internet access." It's so difficult (and frustrating as hell) to get people to think that the worst case scenario may actually happen.
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Posts
    339
    While we're at it, since the author mentioned "Four steps to a secure network", disabling SSID broadcast does nothing to make an encrypted and authenticated network more secure. It's a practice of security through obscurity, and to most people, STO is a bad thing!

    First, the SSID is still visible in any normal wireless traffic. Anyone prepare to break through your security can, much more easily, still see the SSID. In fact, if there is any wireless traffic, a standard XP client will show your network as an available wireless network.

    Second, whether or not the SSID is broadcast, an intruder still needs to break the encryption to even see the network traffic. This is much harder (if not impossible) than discovering the SSID.

    On the other hand, not broadcasting SSID will sometimes make it harder or impossible for legitimate clients to connect. In other words, it results in a DoS to your intended population!

    It's not about not broadcasting SSID doesn't enhance security, but it can hurt your own usage. CMIIW.

    edit/add: MAC address filtering is useless too. It's easy to spoof an authorized MAC address once you're able to sniff one.

    Peace always,
    <jdenny>
    Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
    I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds


  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Second, whether or not the SSID is broadcast, an intruder still needs to break the encryption to even see the network traffic. This is much harder (if not impossible) than discovering the SSID.
    Uhhh... we are talking about WEP here right? Last time I checked it could be broken using AirCrack or WEPCrack fairly easily. Or am I mistaken about this? I suppose doing the "4 steps" is helpful to a degree, the reality is that if you want to ensure your wireless is security you'll need to use some type of tunnel (e.g., SSH, VPN). Until 802.11i is fully released and widely used, wireless remains largely an unsecure environment.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    Here is an artical on Tech Republic about securing your wap: http://techrepublic.com.com/5100-22_...tag=html.alert
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  6. #6
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    WEP is kiddie strength stuff for home users. In a professional environment people use real stuff like 802.1X PEAP/TTL,etc.

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    For those who want more details (and correct spelling ) check out Oreilly's Technical Comparison between PEAP and TTLS. The big thing is that you have a device or server that supports it (Protected Extensible Authentication Protocol and Windows)
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    Bah, whats one consanant among friends.


    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  9. #9
    Senior Member
    Join Date
    Jul 2002
    Posts
    339
    Originally posted here by MsMittens
    Uhhh... we are talking about WEP here right? Last time I checked it could be broken using AirCrack or WEPCrack fairly easily. Or am I mistaken about this? I suppose doing the "4 steps" is helpful to a degree, the reality is that if you want to ensure your wireless is security you'll need to use some type of tunnel (e.g., SSH, VPN). Until 802.11i is fully released and widely used, wireless remains largely an unsecure environment.
    Yes, Aircrack and WEPCrack can break WEP. I meant all kind of wireless encryption, including PEAP/TTLS, also Cisco's LEAP which we're using in our office.

    But my point was about disabling SSID in clients, which offers very little enhancement in wireless security, while it could cause connecting problem/network loss/bandwidth drops.

    And the four steps as suggested by the author, basically means when there are no better security measure available, we have no choice other than to revert to security thru obscurity practice.

    Peace always,
    <jdenny>
    Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
    I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •