RE: Demonstrate to users- insecure APs

["Murda Mcloud" <murdamcloud () bigpond com>]

> Is it possible to sniff all the traffic from all the machines that get's 
connected and browse the Internet/LAN through this AP?

Yes. Where does the AP connect to on the wired portion of the LAN?
What about other AP's-are they all unsecured too- can you sniff wireless
traffic as well as wired traffic?
Check these out:
http://wiki.personaltelco.net/index.cgi/WirelessSniffer


> I mean, apart from the usual money saving aspect of having a free ride on 
other people's money, ( at home) what else is the risk?

You answered your own question before you asked it...

> Is it possible to sniff all the traffic from all the machines that get's 
connected and browse the Internet/LAN through this AP?

There's not really any excuse for not securing them these days. Apart from
if you don't care. And even then, it's not good because other people pay the
price for that.



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of WALI
Sent: Tuesday, June 05, 2007 2:51 AM
To: security-basics () securityfocus com
Subject: Demonstrate to users- insecure APs


Suppose I leave my Access Point in Unsecured Mode, no WEP/WPA etc.

Someone connects to my AP and receives an IP assignment via it's DHCP.

Is it possible to sniff all the traffic from all the machines that get's 
connected and browse the Internet/LAN through this AP?

I mean, apart from the usual money saving aspect of having a free ride on 
other people's money, ( at home) what else is the risk?