Re: Application to monitor wireless intruders activity

[Miguel Regala <mikfisher64 () gmail com>]

Hi,

i'm not talking about the router admin interface. I'm talking about
the password to the wireless network.

As you said, if an attacker managed to discover my key and if i was
unaware of his presence, things could get ugly.

About the security options : i use WPA2-TKIP-PSK myself, so i don't
have to worry about script kiddies using aircrack. However, like i
mentioned, that doesn't mean they won't try to "hack" .. and it's
always to nice to be informed about what are our surrounding
neighbours intentions :-)

Fisher

2010/9/22 Roger <rnodal () gmail com>:
> On Wed, Sep 22, 2010 at 4:29 PM, Miguel Regala <mikfisher64 () gmail com> wrote:
> > Well the point is having any more information on the matter.
>
> I agree with you on having more information and you may even run into
> some one that does not even change their mac address :).
>
> > e.g: An hipotetical attack is trying to manually brute-force my home router
> > by testing out the most common passwords.
>
> Are you talking about the router admin page? Or the password/key to
> access your wireless network?
> If you are talking about the router admin page found typically under
> 192.168.1.1 then we are not in the same page and I did not respond
> thinking on that.
> If the attacker has gained access to your network I would worry about
> more things that just the admin page. Man in the middle attack comes
> to mind.
> If you are talking about the password to access the wireless network
> then it depends. For example, if the network is protected
> with WEP then all the attacker has to do is to capture enough data to
> decrypt the network KEY and as far as I am concerned this is done
> by "sniffing" which I believe is hard to detect. If the network is
> protected by WPA
> (Some conditions need to be met but I don't remember from the top of
> my head) then all the attacker has to do is to capture 4 or
> so packets (I also do not remember the exact number) and they can do
> the attack off-line.
>
> > I for once would like to be aware of this situation ; though his mac would
> > probably spoofed , there is other action i can take , given the intel from
> > the logs ( e.g turning off the router when no one is using it ).
>
> I think that's a great idea. I actually do that myself :).
>
> > Other (and
> > angrier) owners could also want to elaborate active counter measures ( fake
> > access point, honeypot, .. ).
>
> I guess if you have the time...or you could also use better wireless
> security options from the start but that is just me.
>
> -r

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------