WLAN from 80211-planet.com The major threats?
Most current products use spread spectrum technology. Vendors initially claimed it was difficult or impossible to de-spread or demodulate the signals. Wrong, Gemmel says. It's easy. All you have to do is steal an SSID (Service Set Identifier), the ID attached to packets sent over WLANs that functions as a password for joining a network. All radios and access points within a network use the same SSID. Packets with other SSIDs are ignored. Vendors also said you couldn't get an SSID unless you were given it. Wrong again. "We now know SSIDs are sent in the clear," Gemmel says. "You can get very simple software, some of it free on the Internet, that easily intercepts somebody's SSID." WLAN signals are prone to being intercepted well outside the facility in which the network resides. "A lot of consumers are using wireless LANs now," he points out. "They see on the box that it's 11 Mbps up to 300 feet. They're not educated enough to realize, though, that the signal doesn't necessarily stop at 300 feet. In fact it can go up to 2,000 feet and beyond." This makes it easy for eavesdroppers to drive up to an office building - or home - park and infiltrate a network inside without anyone realizing. As everyone who knows anything knows by now - or should do - the 802.11b Wired Equivalent Protocol (WEP) encryption can be compromised by hackers using statistical mathematical analysis tools. Two recent studies, one from AT&T another at Rice University (www.rice.edu) have made this painfully clear, Gemmel says. At the level of what hackers can do once they smash through inadequate WLAN defenses, Gemmel puts "file transposition" at the top of his list. Infiltrators steal an SSID, gain access to a network, hack passwords on the enterprise LAN and then merrily delete or alter files stored on servers - or steal trade secrets contained in files. Or hackers infiltrate the network and leave behind "Easter eggs," hidden and undocumented programs or messages embedded in the code of commercial software residing on the network. Some Easter eggs are harmless, even funny, but they can also be destructive viruses. Gemmel's last WLAN security threat is really only a perceived threat, he says, because hackers would need a lot of hardware and arcane software to do it. But theoretically, they could intercept WLAN packets, decrypt them if they're encrypted using WEP, change them, re-encrypt them and send them on to the intended recipient - who would never know. Mike writes: > Kinda hard to guess SSID and WEP encryption keys need to authenticate on my > wireless equipment. If anyone wants to see wireless security, or try to > break in.... Take a short trip to LeMars. Park your car about 75-100 ft. of > the new water tower and see if you can get internet access. I'll even give > you a hint.... You need to guess the right MAC address to use for starters. > Good Luck. > > Mike > > > On Thursday 11 April 2002 02:50 pm, Jeromey Hannel wrote: >> Guys dont you know how insecure wireless is right now. There are people >> driving around with their laptops and wireless lan cards getting on your >> network and stealing your data. >> >> > I have a lucent wireless card working in windows and linux. i alo have a >> > linksys access point. they work great and i would reccomend it to anyone. >> > (works gret in linux!) >> > I can help if you need assistance >> > Kuecker >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] >> > Sent: Thursday, April 11, 2002 8:20 AM >> > To: [EMAIL PROTECTED] >> > Subject: Re: [sclug-general] April Meeting Notice >> > >> > On Thu, Apr 11, 2002 at 08:13:02AM -0500, Mike wrote: >> >> Well, I might not be able to make this meeting, unless rain is in the >> >> forecast. >> > >> > Hm ... I see rain in future, Kemo Sabe. ;) >> > >> >> In any event does anyone else have wireless (802.11b) equipment up >> >> and running? Or at least have a wireless card for a laptop? Just >> >> trying to get a feel, might be a presentation in the works. >> > >> > I have a Belkin card that works on the Windows side but I can't get >> > to run on Linux side ... >> > >> > Bill Stone >> > ___________________________________________________________________ >> > William Stone, III | Certifications: CISSP, RHCE, CCNA >> > Proprietor | Phone: (605) 232-6771 >> > William Stone & Associates | FAX: (605) 232-6763 >> > P.O. Box 1967 | E-Mail: [EMAIL PROTECTED] >> > North Sioux City, SD 57049 | Web: http://www.wrstone.com >> > ______________________________|____________________________________
