Maybe I should clarify. Our use of Access Points is minimal, and we use 128bit WEP.
My concern is over the long (loose term) distance. Point to point links over miles. I feel that this is of low concern as the line between the two points is high up on towers, and an eavesdropper would need to at least be that high (correct me if I'm wrong). With the point-to-multipoint, the antennas sit on a tower/building in a city, and clients connect line-of-sight. Not omni-directional like standard home/office wireless. The question about internal attacks stems from the fact that customers have already connected to the antennas, and I wish to know what methods are best (another loose term) to help discourage/prevent attacks. I appreciate sharing your knowledge about the packet sniffers. I think I will try them out. Dickon... ----- Original Message ----- From: "TuxB0x" <[EMAIL PROTECTED]> To: "Dickon Newman" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, July 18, 2002 1:56 PM Subject: Re: Wireless and "not so much on" internal attacks > > On Thursday, July 18, 2002, at 10:24 AM, Dickon Newman wrote: > > > Does anyone out there know what realistic problems exist with wirless > > networks? > > > > We use several point-to-point devices, and point-to-multipoint. Is it > > possible for someone to evasdrop on the point-to-points? Is that type > > of > > equipment avaliable to the common/avid user to allow them to perform > > such > > activites? > > I'm sure your aware of war driving. People can jump on networks with > just wireless cards and sometimes antenna via an access point on your > network. While on the network an attack would become more of an > internal attack, but you aren't going to have the option of monitoring > them aside from a MAC address and their IP on your network. Wireless > Access point using WEP encryption can still be cracked and eavesdropping > is possible through packet analysis. Breaking WEP is becoming more > difficult because net-sniffing programs such as Air-snort require that > "interesting"(basically corrupted or weak packets) are found to break > the encryption, and many wireless access point have been updated to deal > with these packets without transmitting them. This by no means that > breaking WEP isn't possible, but it is not as easy. If you are looking > for something to protect your network, consider cloaked access points. > All of your hardware and software must be kept in perfect check, because > one unpatched system can lead to access to the access point. I am aware > of a programs for Linux called wlanfe that is capable of hopping on > cloaked networks. If you don't set an SSID and try to connect, the > wireless card will jump onto the access point with the strongest signal > near-by, regardless of whether it is cloaked. I have no idea to prevent > this phenomenon from occurring. I hope this cleared up some of your > wireless worries. > > TuxB0x > >
