Oh…that would be an awesome feature.
By loading all the keys on each client…it
would be SWEET if the client devices were smart enough to cycle through each
WEP key until it finds which one is live.
Seems easy enough…but yet is not
implemented.
Sully
-----Original Message-----
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak Avakians
Sent: Thursday, September 18, 2003
12:12 PM
To: [EMAIL PROTECTED]
Subject: RE: [smartBridges]
Stealing service
Thanks, Sully! It will save me some restless
nights.
;-)
I'm going to look into the pppoe more closely, but probably will not implement
it for a few months.
Talking about WEP keys, I have all 4 WEP keys listed in the appo and on the
airBridges. I've just tried flipping the default key on the appo from key
1 to key 2, but lost all the airBridges. I guess the airBridges don't
have a cycling method to check for the next WEP key, huh? That would be a
nice feature, I think.
Kind regards,
Sevak
On Thu, 2003-09-18 at 12:10, The Wirefree Network wrote:
The amount of traffic
that MUST be sniffed to crack WEP is HUGE. I sniffed traffic for 72 hours
at the head-end (which hears ALL traffic on my network), and I did not receive
a single “interesting packet”. You need thousands or even millions of
“interesting packets” to crack WEP. After successfully cracking WEP,
the hacker would need to sniff the MAC and IP pairing (not difficult),
spoof them, and overpower the legitimate client so that he drops off the network,
and then you can assume his identity.
In other words….I don’t see it happening.
Don’t get me wrong…I still recommend PPPoE as well…but I
would NOT lose any sleep about someone spoofing your customer’s MAC address.
BTW…the internal MAC authorization table (at the aPPo)
authorizes the MAC of the sB device only (not the internal MAC addresses).
I only install exterior (roof top) sB devices. So…my client does
not know their MAC address….and therefore you also don’t have to worry about
them giving their MAC address to a neighbor. But…even if they did, the
bandwidth still counts against the legitimate client.
Sully
-----Original Message-----
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak Avakians
Sent: Thursday, September 18, 2003
6:58 AM
To: [EMAIL PROTECTED]
Subject: RE: [smartBridges]
Stealing service
Hi Sully,
You're right. I am using WEP. No one has yet done this on our
network, but I would like to take preventative measures.
Thanks,
Sevak
On Thu, 2003-09-18 at 09:48, The Wirefree Network wrote:
My question is: How are they spoofing the MAC address
if you are using WEP? I highly doubt that they sniffed long enough to
break it….so are you not using WEP?
Personally…I think that it is plain old stupid to not use
WEP…unless you are running a HOTSPOT.
If you are using sB devices at the client-side, then you
just preload the WEP keys (preferably with simpleDeploy) and you are done.
Sully
-----Original Message-----
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak Avakians
Sent: Thursday, September 18, 2003
6:12 AM
To: [EMAIL PROTECTED]
Subject: [smartBridges] Stealing
service
I vaguely remember someone else discussing this on this list: Has anyone
come across "customers" who duplicate legitimate MAC addresses (such
as their neighbor's) on another device to get your Internet service for
free? If so, what can be done about it?
Thanks,
Sevak
