Security Basics mailing list archives
Re: wireless help
From: Tomas Wolf <tomas () skip cz>
Date: Thu, 02 Oct 2003 13:15:24 -0600
But the problem is, that after WEP is cracked (talking easy with 802.11b), one has total access to traffic (for passive listening) and the network (nodes, bandwith, wherever this LAN leads to -- Internet, internet... etc.). Let's not forget that unauthorized wireless user can be a user that wants to be unauthorized, not just an accidental cross-authorization. So if some relies on WEP and complexity of maintaining mac filter rules for mobile users is unreachable, then we should look at some "unconventional" solutions. IP filter doesn't change much, since by observing decoded traffic for a while one can pretty much guess what "ranges" or selective IPs are allowed. DHCP would make it just "automatic". In WPA, there is a technology (if I remember corectly - it might be somewhere else though :-), maybe one of the cisco wireless aps) that looks at the "manufacturer" part of MAC and can tell spoofed MAC. But that is just a little off topic :-)
Just my little something... Tomas George Peek wrote:
Without the use of a valid WEP key the unauthorized wireless user will not be able to get an IP in the 1st place. -----Original Message----- From: Henning Bree [mailto:security () bree-family de] Sent: Monday, September 22, 2003 2:09 PM To: security-basics () securityfocus com Subject: Re: wireless help You could check your DHCP log with a simple script against a file with macadresses of the allowed computers. Put that script into the cron and execute as oftenas desired. No tool, but an easy solution! Kamal Habayeb schrieb:Greetings, Does anyone know of a way or program that would let me know if an unauthorized computer has connected to my wireless network and been issued an ip address by DHCP? I am aware that I can check the DHCP log to find this out, but I want something that will warn me in real time that a computer has connected. Thanks, Kamal Habayeb--------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: wireless help George Peek (Oct 02)
- RE: wireless help David Gillett (Oct 02)
- Re: wireless help Tomas Wolf (Oct 02)
- Re: wireless help N407ER (Oct 03)
- Re: wireless help Tomas Wolf (Oct 03)
- Re: wireless help N407ER (Oct 03)
- <Possible follow-ups>
- RE: wireless help Zachary Mutrux (Oct 03)
- Re: wireless help Patoff Pat-EtHiQ (Oct 03)