Re: Wifi Security

["Stephen J. Wilcox" <steve () telecomplete co uk>]

On Mon, 21 Nov 2005, Joel Jaeggli wrote:
> On Mon, 21 Nov 2005, Stephen J. Wilcox wrote:
> > On Mon, 21 Nov 2005, Patrick W. Gilmore wrote:
> > > On Nov 21, 2005, at 9:42 AM, Ross Hosman wrote:
> > >
> > > Why would you even need to set up an AP?  Why not just sit and sniff traffic?
> > > Gets you the _exact_ same information.
> >
> > man in the middle is easier if you are the gateway, no need to steal arp
>
> you don't have to steal arp on a wireless network, you just sniff the 
> frames as they go by.

> What do you learn by looking at someone's ipsec, ssl-wrappered, or ssh
> tunneled traffic?

no, we're not trying to do that, you dont really think that because its
encrypted it cant be decrypted do you?

for example, we want to intercept the encrypted data which we do by putting
ourselves inbetween the client and the server and pretending to be the server to
the client and the client to the server.. we relay security information and hope
the user clicks 'yes' when they are told the host key has changed

you dont have to break the code if the endpoints trust sessions with you and 
share their encryption keys

Steve