At 07:11 AM 1/17/02 +1000, you wrote:

>You are dead on the mark. 802.11 is great for man in the middle attacks.


As someone considering doing WiFi Internet access, this concerns me.
What solutions are available?


>I have tried doing this style of attack with Cisco and Lucent cards in a Linux
>box running ettercap and it works like a treat. This is also useful for
>packet sniffing if you don't have a card that can go into a raw packet
>mode, e.g. Prism chip sets, Cisco. As you can just ARP spoof the gateway's
>address and get all the traffic that is leaving the subnet. Doing this is
>particularly good if the site you are attacking has the wireless equipment on
>one of their standard wired subnets as you get the traffic for this as well.
>In our organisation we currently have a total ban on all wireless equipment
>until we finish testing of Cisco ACS as this provides random dynamic WEP
>keys that rotate regularly to overcome some of the WEP problems. But for
>the total solution (if you don't have to worry about things like IPX) would
>be to run a VPN client from the desktop to a VPN concentrator which is
>correctly firewalled. This should make it as secure as IPsec is anywhere
>else (probably no need to run WEP at all if you run IPsec over the top).
>
>Ashley Woodbridge
>CCNA CCNP
>Network Systems
>Stratagem Concepts
>
>----- Original Message -----
>From: "Dave Falloon" <[EMAIL PROTECTED]>
>Cc: <[EMAIL PROTECTED]>
>Sent: Tuesday, January 15, 2002 10:31
>Subject: Arp Spoofing with wireless networks
>
>
> > Hi everyone,
> >     Just a few questions about 802.11 :
> >         Am I correct in assuming that ARP spoofing on a wireless network
> > is way more of a problem than on a wired network?
> >         Is there some safeguard in place that keeps this from happening?
> >         Is 802.11 ethernet based, does it use ARP at all?
> >
> > If not then potentially I could spoof my way into a MiM attack with no one
> > any wiser and I only have to be near the signal.  I don't have to get
> > through a firewall, I don't have to hack any boxes, all I have to do is be
> > close enough that I can transmit to and receive from your base station.  If
> > all of this is true then how is it that people would ever implement a
> > network that includes even a small portion of wireless nets.  I hope I am
> > wrong about this because there have been cries for wireless from above in my
> > organization.
> > Thank you in advance.
> >
> > Dave Falloon
> > __________________________
> > Systems Administrator
> > Analog Design Automation Inc.
> > www.AnalogSynthesis.com
> >
> >

-- 
JustThe.net LLC - Steve "Web Dude" Sobol, CTO      ICQ: 56972932/WebDude216
website: http://JustThe.net  email: [EMAIL PROTECTED]  phone: 216.619.2NET
postal: 5686 Davis Drive, Mentor On The Lake, OH 44060-2752  DalNet: ZX-2
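
Added example, not part of any poster's message: a detection sketch for the gateway ARP spoofing discussed in this thread. It flags changes in the IP-to-MAC binding seen in ARP replies. The addresses, the sample replies, the function name and the 10-second flap window are all assumptions made for illustration.

```python
"""Flag ARP cache poisoning of a gateway from observed ARP replies."""
from collections import defaultdict

# Constructed sample: (seconds, sender IP, sender MAC) taken from ARP replies.
# All addresses are made up (documentation IP range, locally administered MACs).
SAMPLE_REPLIES = [
    (0.0, "192.0.2.1", "02:00:00:00:00:01"),   # gateway, genuine binding
    (1.0, "192.0.2.20", "02:00:00:00:00:20"),  # ordinary wireless client
    (5.0, "192.0.2.1", "02:00:00:00:00:66"),   # gateway IP claimed by a new MAC
    (5.5, "192.0.2.1", "02:00:00:00:00:01"),   # real gateway still answering
    (6.0, "192.0.2.1", "02:00:00:00:00:66"),   # spoofed claim repeated
    (9.0, "192.0.2.20", "02:00:00:00:00:20"),
]


def detect_arp_conflicts(replies, pinned=None, flap_window=10.0):
    """Return alerts as (time, ip, kind, mac) tuples.

    pinned: optional {ip: mac} of known-good bindings (e.g. the gateway).
    kind is 'pinned-mismatch', 'binding-changed' or 'flapping'.
    """
    pinned = pinned or {}
    current = {}                 # ip -> last MAC seen for that IP
    changes = defaultdict(list)  # ip -> timestamps at which the binding changed
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        # A reply that contradicts a statically known binding is always suspect.
        if ip in pinned and mac != pinned[ip].lower():
            alerts.append((ts, ip, "pinned-mismatch", mac))
        previous = current.get(ip)
        if previous is not None and previous != mac:
            alerts.append((ts, ip, "binding-changed", mac))
            changes[ip].append(ts)
            # Two hosts answering for one IP makes the binding flip repeatedly.
            recent = [t for t in changes[ip] if ts - t <= flap_window]
            if len(recent) >= 3:
                alerts.append((ts, ip, "flapping", mac))
        current[ip] = mac
    return alerts


if __name__ == "__main__":
    gateway = {"192.0.2.1": "02:00:00:00:00:01"}
    for alert in detect_arp_conflicts(SAMPLE_REPLIES, pinned=gateway):
        print(alert)
```
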
