The amount of traffic that MUST be sniffed to crack WEP is HUGE.  I sniffed traffic for 72 hours at the head-end (which hears ALL traffic on my network), and I did not receive a single “interesting packet”.  You need thousands or even millions of “interesting packets” to crack WEP.  After successfully cracking WEP,  the hacker would need to sniff the MAC and IP pairing (not difficult), spoof them, and overpower the legitimate client so that he drops off the network, and then you can assume his identity.

 

In other words….I don’t see it happening.

 

Don’t get me wrong…I still recommend PPPoE as well…but I would NOT lose any sleep about someone spoofing your customer’s MAC address.

 

BTW…the internal MAC authorization table (at the aPPo) authorizes the MAC of the sB device only (not the internal MAC addresses).  I only install exterior (roof top) sB devices.  So…my client does not know their MAC address….and therefore you also don’t have to worry about them giving their MAC address to a neighbor.  But…even if they did, the bandwidth still counts against the legitimate client.

 

Sully

 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak Avakians
Sent: Thursday, September 18, 2003 6:58 AM
To: [EMAIL PROTECTED]
Subject: RE: [smartBridges] Stealing service

 

Hi Sully,

You're right.  I am using WEP.  No one has yet done this on our network, but I would like to take preventative measures.

Thanks,
Sevak

On Thu, 2003-09-18 at 09:48, The Wirefree Network wrote:

My question is:  How are they spoofing the MAC address if you are using WEP?  I highly doubt that they sniffed long enough to break it….so are you not using WEP?

 

Personally…I think that it is plain old stupid to not use WEP…unless you are running a HOTSPOT.

 

If you are using sB devices at the client-side, then you just preload the WEP keys (preferably with simpleDeploy) and you are done.

 

Sully

 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sevak Avakians
Sent: Thursday, September 18, 2003 6:12 AM
To: [EMAIL PROTECTED]
Subject: [smartBridges] Stealing service


 

I vaguely remember someone else discussing this on this list:  Has anyone come across "customers" who duplicate legitimate MAC addresses (such as their neighbor's) on another device to get your Internet service for free?  If so, what can be done about it?

Thanks,
Sevak

Reply via email to