unauthorized network point access
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: unauthorized network point access

  1. #1
    Member
    Join Date
    Jun 2004
    Posts
    77

    unauthorized network point access

    hi
    scenario.

    In a big building with few storeys. Assume intruder comes in, look for an available network point, plug in his laptop and start doing damage (just an example scenario with lax security)

    is there tools/appliances out there that could trace a LAN point (as well as the IP address he is holding) being plugged in by the intruder and see where he is located in the building?
    I guess i would need a database of all available physical network LAN points in the building?
    thanks

  2. #2
    Hope this helps you:


    802.11 security

    Security options for 802.11 include authentication services and encryption services based on the Wired Equivalent Privacy (WEP) algorithm. WEP is a set of security services used to protect 802.11 networks from unauthorized access, such as eavesdropping (the capture of wireless network traffic). With automatic wireless network configuration, you can specify that a network key be used for authentication to the network. You can also specify that a network key be used to encrypt your data as it is transmitted over the network. When data encryption is enabled, secret shared encryption keys are generated and used by the source station and the destination station to alter frame bits, thus avoiding disclosure to eavesdroppers.
    Open System and Shared Key authentication

    802.11 supports two subtypes of network authentication services: Open System and Shared Key. Under Open System authentication, any wireless station can request authentication. The station that needs to authenticate with another wireless station sends an authentication management frame that contains the identity of the sending station. The receiving station then sends back a frame that indicates whether it recognizes the identity of the sending station. Under Shared Key authentication, each wireless station is assumed to have received a secret shared key over a secure channel that is independent from the 802.11 wireless network communications channel. To use Shared Key authentication, you must have a network key.
    Network keys

    When you enable WEP, you can specify that a network key be used for encryption. A network key can be provided for you automatically (for example, it might be provided on your wireless network adapter), or you can specify the key by typing it yourself. If you specify the key yourself, you can also specify the key length (40 bits or 104 bits), key format (ASCII characters or hexadecimal digits), and key index (the location where a specific key is stored). The longer the key length, the more secure the key. Every time the length of a key is increased by one bit, the number of possible keys doubles.

    Under 802.11, a wireless station can be configured with up to four keys (the key index values are 0, 1, 2, and 3). When an access point or a wireless station transmits an encrypted message using a key that is stored in a specific key index, the transmitted message indicates the key index that was used to encrypt the message body. The receiving access point or wireless station can then retrieve the key that is stored at the key index and use it to decode the encrypted message body.
    Top of pageTop of page
    802.1x authentication

    For enhanced security, you can enable IEEE 802.1x authentication. IEEE 802.1x authentication provides authenticated access to 802.11 wireless networks and to wired Ethernet networks. IEEE 802.1x minimizes wireless network security risks, such as unauthorized access to network resources and eavesdropping, by providing user and computer identification, centralized authentication, and dynamic key management. IEEE 802.1x supports Internet Authentication Service (IAS), which implements the Remote Authentication Dial-In User Service (RADIUS) protocol. Under this implementation, a wireless access point that is configured as a RADIUS client sends a connection request and accounting messages to a central RADIUS server. The central RADIUS server processes the request and grants or rejects the connection request. If the request is granted, the client is authenticated, and unique keys (from which the WEP key is derived) can be generated for that session, depending on the authentication method chosen. The support that IEEE 802.1x provides for Extensible Authentication Protocol (EAP) security types allows you to use authentication methods such as smart cards, certificates, and the Message Digest 5 (MD5) algorithm.

    With IEEE 802.1x authentication, you can specify whether the computer attempts authentication to the network if the computer requires access to network resources whether a user is logged on or not. For example, data center operators who manage remotely administered servers can specify that the servers should attempt authentication to access the network resources. You can also specify whether the computer attempts authentication to the network if user or computer information is not available. For example, Internet service providers (ISPs) can use this authentication option to allow users access to free Internet services, or to Internet services that can be purchased. A corporation can grant visitors with limited guest access, so that they can access the Internet, but not confidential network resources.

  3. #3
    Senior Member codenamevirus's Avatar
    Join Date
    Jun 2005
    Location
    Faridabad, Haryana, India
    Posts
    298
    hi

    I m not sure for my answer....but maybe it can be done by makin use of an application based on SNMP i.e. Simple Network Management Protocol!!
    CodeNameVirus

  4. #4
    Member
    Join Date
    Jun 2004
    Posts
    77
    hi
    thanks. We do not have wireless networks. Only Ethernet LAN. I guess i will give SNMP a try.

  5. #5
    Junior Member
    Join Date
    Feb 2006
    Posts
    3
    Not sure of the cost but here is a great answer to your question:

    http://www.panduit.com/products/browse.asp?classid=614

    Check it out and see what you think. It is supposed to be designed to keep unauthorized users from accessing your internal LAN.

  6. #6
    Member
    Join Date
    Nov 2004
    Posts
    71
    biola, did you read the front page? There is no way that what you are asking is legal or on topic. read the front page and find out what AO is and isn't!
    Click here to see What AO is and isn't and try to do what is says.
    If everything looks perfect, then there is something you don\'t know

  7. #7
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Nice first post there bud

    uuum please can any body teach me how to hack into a bank account please email me if you can please ====abiola_ayoola007@yahoo.com
    Are you serious???

    @tt!tud3

    That is an obvious cut and paste job....you should put a link to the original text\author....before you get negged

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  8. #8
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003

    Problem with net user

    uuum please can any body teach me how to hack into a bank account please email me if you can please ====abiola_ayoola007@yahoo.com

    Aah the easiest way to get banned from AO.

    Welcome and Good bye mate.


    Anyway we should seriously consider putting a line in BOLD AND CAPITAL letter that we dont help in hacking.

    Try the following:

    1. emailspoof@citigroup.com

    2. spam@uce.gov

    3. www.consumer.gov/idtheft
    1-877-IDTHEFT

    If you succed then mail here Jobs @ American Express.
    goodbye

    /EDIT/

    Look at the bright side first we had people asking us to help them break into MSN accounts and now its banks then mostly Government accounts and so goes on the HUMAN EVOLUTION. God bless charles darwin......


    /EDIT/
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  9. #9
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Well I didnt neg him first time around...

    But I just read his profile...

    Interests= Stealing passwords

    Eat some reds bud

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  10. #10
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    That is an obvious cut and paste job....you should put a link to the original text\author....before you get negged
    Microsoft : Configuring wireless network clients
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •