North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Wifi Security
Randy Bush wrote: I wish I had a nickel (ok, a dollar) for every bogus laptop I've seen in hotels and airports that was setup for "co_presidents_club", "starbucks", "t-mobile" AND "tmobile", "corporate", etc. I've often wondered if those users were really being malicious, plain stupid, or were carrying around a laptop "owned" by someone else. Either way, there are PLENTY of systems out there pretending to be something they aren't. I often try to connect to them and get some data, but most either won't give an IP, or if they do, they don't forward packets or respond with anything worthwhile. I run a pretty tight system, so perhaps those faux APs are trying to detect other configs (Client for MS/Netware, F/P Sharing, SNMP, WINS, IPX, etc).As others pointed out (to me as well), for a _man in the middle_ attack (e.g. impersonating www.paypal.com) it is necessary to play ARP games or otherwise insert yourself in the flow of traffic. -Jim P.
|