Some of the better APs and WLAN Bridges allow you to control the MACs
allowed to communicate with it, or Allowed Talkers. You build the MAC
table directly on the AP/WLAN Device. And, you can turn off "Advertise
ESSID" from the AP, so the attacker has to know the SSID and guess the MAC
address as well.
Wireless LANs can be made secure, you just have to put some time and effort
into it. They are no worse then wired LANs in my humble opinion.
Of course, with all the FUD in the press lately about Drivebyhacking and so
forth, companies that don't know any better or lack good IT security
teams/departments/people/etc, are worried mainly because they don't know or
understand what the issues are.
I took my iPAQ with my Orinoco card and some software, and was able to find
a few APs within a 3 block radius, and they were all wide-open. Ignorance
is scary.
tjk
T. These are only small At 02:05 PM 2/12/2002 -0500, you wrote:
> Forgot one thing in my previous message...
>
>On Mon, Feb 11, 2002 at 11:44:50PM -0500, Jason Costomiris wrote:
> > On Mon, Feb 11, 2002 at 08:13:22PM -0800, David Talkington wrote:
> > : Chad and Doria Skinner wrote:
> > :
> > : >1. Setup DHCP to only assign IPs to specific MAC Addresses
> > :
> > : Wrong already. MAC addresses are under client control. You can
> > : assign a different one to your network card with ifconfig (if the
> > : driver can handle that). Try it. :-)
>
> > Now before you immediately discount that, remember that a would-be
> > attacker would need to know the MAC address of an *authorized* client.
> > Any by the way - MAC addresses aren't always under the control of the user
> > when we're talking about WLAN cards.
>
> The selection of the card is under the control of the user
>(attacker). The selection of the operating system is under the control
>of the user (attacker). Therefore, the ability of an attacker to
>select the MAC addresses is ALWAYS under his control. Even if it means
>he has to run out to Joe's Computer Shack and pick up a different card
>and switch to it, it is under HIS control and NOT yours.
>
> [...]
>
> > --
> > Jason Costomiris <>< | Technologist, geek, human.
> > jcostom {at} jasons {dot} org | http://www.jasons.org/
> > Quidquid latine dictum sit, altum viditur.
> > My account, My opinions.
>
> Mike
>--
> Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
>
>
>
>_______________________________________________
>Redhat-list mailing list
>[EMAIL PROTECTED]
>https://listman.redhat.com/mailman/listinfo/redhat-list
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
