-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 14 Jan 2002, Dave Falloon wrote:
> Hi everyone, > Just a few questions about 802.11 : > Am I correct in assuming that arp spoofing on a wireless network is way more >of a problem than on a wired network? > Is there some safe gaurd in place that keeps this from happening? > Is 802.11 ethernet based, does it use the arp at all? > > If not then potentially I could spoof my way into a MiM attack with no one any wiser >and I only have to be near the signal. I don't have to get through a firewall, I >don't have to hack any boxes, all I have to do is be close enough that I can transmit >to and recieve from your base station. If all of this is true then how is it that >people would ever implement a network that includes even a small portion of wireless >nets. I hope I am wrong about this because there have been cries for wireless from >above in my organization. > Thank you in advance. > > Dave Falloon Hello Dave, You're probably right, but as far as i remember, rfc 826 (ARP) has no security at all. I found an extension for the protocol, using PKI. www.linuxsymposium.org/2000/arp.php http://www-106.ibm.com/developerworks/wireless/library/ wi-stack?open&l=914,t=gr,p=arp Hope it helped - -- Gonçalo Gomes E777 2628 1487 BAFE 81B4 5678 10EF 53D7 19E9 B666 -----BEGIN PGP SIGNATURE----- iD8DBQE8RpvPEO9T1xnptmYRAnXsAJ9ryZsKkqk/if+cO8aCvrkffqdG0QCaAzV5 nw8K0lrSCbIpzHGPUJwRKpA= =eYL0 -----END PGP SIGNATURE-----
