Dennis, NO...your clients have a wireless device that has 2 nics...one for the wireless side and one for the wired side.
The wireless side will not pass traffic to the wired side without it being addressed to it (regardless of WEP). You would have to put the device into promiscuous mode, and I have yet to hear of anyone being successful with the sB device (can be done though). ONTO the SNMP/WEP issue brought up by Greg. SNMP v.1 has always been known to transmit in the clear. Everyone should know this. That is another reason why so many on this forum have asked to move away from SNMP v.1. Yes...with WEP enabled you are stopping 99.9% of prying eyes. Someone would have to do one of two things: 1. Turn their wireless sB device into promiscuous mode (since the WEP key is already in there). 2. Crack WEP. Both are not trivial. Sully -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dennis Burgess Sent: Wednesday, September 10, 2003 10:34 PM To: [EMAIL PROTECTED] Subject: Re: [smartBridges] simpleMonitor Passwords are Clear Text Would any user with a Bridge be able to run a packet sniffer and get this? Dennis ----- Original Message ----- From: "Greg Sims" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, September 11, 2003 12:23 AM Subject: [smartBridges] simpleMonitor Passwords are Clear Text > I was running tcpdump (this tool monitors a network interface and displays > ip packets to the screen or places them in a file) on our network this > evening to work on a problem. I happened to start the simpleMonitor for aBO > to validate a setting for one of our clients. To my surprise, the > simpleMonitor Administrator password flashed across the tcpdump window as I > logged in. I switched to the Link Status tab of the simpleMonitor and the > Administrator password was displayed on the tcpdump screen each time the > signal strength and link quality values were updated in the simpleMonitor. > This happens about once every two seconds so the password got Lots of > exposure. > > We need to be able to access the settings of our client boxes using the > wireless interface for a number of reasons (simpleMonitor, simpleNMS, ...). > I'm concerned about how easy it would be for someone to crack a smartBridges > network and change the settings on the AP and Client boxes. > > Our network is currently running with WEP Disabled until a planned network > outage early next week. I hope the Admin passwords will not be in clear text > after WEP is turned on. Please be aware of this password exposure if you are > not running with WEP enabled. > > Greg > > > ----------ANNOUNCEMENT---------- > Don't forget to register for WISPCON IV > http://www.wispcon.info/us/wispcon-iv/wispcon-iv.htm > > The PART-15.ORG smartBridges Discussion List > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) > Archives: http://archives.part-15.org > > ----------ANNOUNCEMENT---------- Don't forget to register for WISPCON IV http://www.wispcon.info/us/wispcon-iv/wispcon-iv.htm The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org ----------ANNOUNCEMENT---------- Don't forget to register for WISPCON IV http://www.wispcon.info/us/wispcon-iv/wispcon-iv.htm The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org
