The general mind state over the years has been that 802.11x technology is
insecure, fine so it has been for some [time] but i think the problem that
we face stems mainly from vendor, who are you using?? If you are to throw in
an Extreme/cisco/Karlnet box would it be as risky as putting in say
D-Link/Mikrotik products ?? i try to think such security risks that we
face with 802.11x boil down to vendor and how they tackle the loopholes ,
some of these high end vendors really have good mitigation techniques i
believe , but this is my own opinion dont know about the rest !!!
ma 2 shs!!!
On Tue, 14 Jun 2005 17:35:41 +0300, Ronny wrote
> O yes your are right but your wireless card centrino enabled chip
> won't know that it's dealing with the evil device/rogue Access
> point .Btw wireless is a very tricky thing.You secure your Box as a
> linux sysadmin but ignorant about the hacks in the air space,that
> need a wireless expert.May be I asked the wrong question to the
> right list ;-) .Turn off all those services and then your session
> will be hijacked in seconds .
>
> /"Here's how session hijacking works. The hacker waits for someone
> to finish successfully the authentication process. Then you as the
> attacker send a disassociate message, forging it to make it look
> like it came from the AP [access point]. The client [user] thinks
> they have been kicked off, but the AP thinks the client is still out
> there. As long as WEP is not involved you can start using that
> connection up until the next time out, usually about 60
> minutes.Remember you had a secure connection to your cooperate
> servers and your Linux box had all useless services uninstalled !/
> Looks like fiction but works really bad!!!! :-\
>
> _*Conclusion*_
>
> "/If even LAN communication has its own security flaws, do we stop
> "networking"? Of course not. We need to be aware of the benefits of
> mobile clients communicating with one other and accessing enterprise
> data. We also must be aware of how data and communication could be
> compromised -- then we'll know how to lower the risks./
>
> /Just as the benefits of protocols like 802.1x make us want to use
> them, any weaknesses in those protocols should only provide an
> invitation to companies, startups, and developers to come up with
> better, more secure solutions. Clients, companies, the government,
> and individuals will certainly make a market for such solutions,
> especially with the exponential growth of mobile devices."/
>
> Is Uganda ready for this is the next question?
>
> EOF
> Ronny
>
> Noah Sematimba wrote:
>
> >My post assumed that in the first place your machine is suitably secured
> >against attacks which it should be in any case if you're running some unix
> >variant. It is a simple matter of turning off all unneeded services.
> >
> >Noah.
> >On Tuesday 14 June 2005 16:49, Ronny wrote:
> >
> >
> >>Well you have covered just part of the security ,your connection to the
> >>office .But forgotten that you are using a rogue device to access your
> >>office.By the way the bad guy might be interested with what you have on
> >>your machine than what you are accessing!Well there will be a VPN to the
> >>office but not to the neighbours rite ;-) .Am not good at VPN's but
> >>that what I think correct me if wrong
> >>Ronny
> >>
> >>Noah Sematimba wrote:
> >>
> >>
> >>>Well no one in his right mind should be relying on his ISP to provide
him
> >>>with security. Setup some sort of VPN to your office or tunnel over ssh
> >>>or whatever means.
> >>>
> >>>All UTL is doing is providing you with the road, not also fitting the
> >>>security features in whetever car you're going to use on their road.
> >>>
> >>>Noah.
> >>>
> >>>On Tuesday 14 June 2005 15:51, Robert Lukwago Mukasa wrote:
> >>>
> >>>
> >>>>With secure I suppose they mean what encryption standards are being
> >>>>used to protect users of the hotspots from hackers/crackers/attacks.
> >>>>Well how will we know unless we try them out?
> >>>>
> >>>>rob@
> >>>>
> >>>>On 6/14/05, Mark Tinka <[EMAIL PROTECTED]> wrote:
> >>>>
> >>>>
> >>>>>On Tuesday 14 June 2005 14:35, Ronny wrote:
> >>>>>
> >>>>>
> >>>>>>First I apologies for editing your subject am good at
> >>>>>>that. :-) Talk of hotspots mushrooming up ihere in
> >>>>>>UG.How secure are they.
> >>>>>>
> >>>>>>
> >>>>>How do you mean, secure? In cases like these, security
> >>>>>could be a point of view.
> >>>>>
> >>>>>Mark.
> >>>>>
> >>>>>
> >>>>>
> >>>>>>Should we rush to get plugged
> >>>>>>into the matrix ;-) .Otherwise am a wireless
> >>>>>>advocate.Congs UTL and did I hear Infocom ? Ronny
> >>>>>>Alright good topic
> >>>>>>
> >>>>>>Kiggundu Mukasa wrote:
> >>>>>>
> >>>>>>
> >>>>>>>Talk about starting with a bang!
> >>>>>>>Congrats to UTL
> >>>>>>>Need to go to each one and see what the performance
> >>>>>>>is like.
> >>>>>>>
> >>>>>>>Kiggs
> >>>>>>>
> >>>>>>>
> >>>>>>>****************
> >>>>>>>*****************************
> >>>>>>>
> >>>>>>>Kiggundu Mukasa # Computer Network
> >>>>>>>Consultancy###
> >>>>>>>
> >>>>>>>KYM-NET LTD. # Intranets &
> >>>>>>>Internet Solutions#
> >>>>>>>
> >>>>>>>Plot 80 Kanjokya Street
> >>>>>>>
> >>>>>>>P.O. Box 24284 Kampala, Uganda
> >>>>>>>
> >>>>>>>Tel: +256 77 972255
> >>>>>>>
> >>>>>>> +256 71 221141
> >>>>>>>
> >>>>>>>Fax: +256 31 262122
> >>>>>>>
> >>>>>>>****************************************************
> >>>>>>>*************
> >>>>>>>
> >>>>>>>
> >>>>>>>-----------------------------------------------------
> >>>>>>>-------------------
> >>>>>>>
> >>>>>>>_______________________________________________
> >>>>>>>LUG mailing list
> >>>>>>>[email protected]
> >>>>>>>http://kym.net/mailman/listinfo/lug
> >>>>>>>%LUG is generously hosted by INFOCOM
> >>>>>>>http://www.infocom.co.ug/
> >>>>>>>
> >>>>>>>
> >>>>>_______________________________________________
> >>>>>LUG mailing list
> >>>>>[email protected]
> >>>>>http://kym.net/mailman/listinfo/lug
> >>>>>%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
> >>>>>
> >>>>>
> >
> >
> >
>
> --
> ***************************************************************************
> / ''We can't become what we need to be by remaining what we are''\
> \ ,, ,,/
> ***************************************************************************
Regards
David Ziggy Lubowa
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
