|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Wifi Security
On Mon, 21 Nov 2005, Jim Popovitch wrote: They were configured with a specific ssid at one point and are now beaconing in adhoc mode becasue they can't find that ssid. Crappy driver implentation is that root cause of that.Randy Bush wrote:I wish I had a nickel (ok, a dollar) for every bogus laptop I've seen in hotels and airports that was setup for "co_presidents_club", "starbucks", "t-mobile" AND "tmobile", "corporate", etc. I've often wondered if those users were really being malicious, plain stupid, or were carrying around a laptop "owned" by someone else.As others pointed out (to me as well), for a _man in the middle_ attack (e.g. impersonating www.paypal.com) it is necessary to play ARP games or otherwise insert yourself in the flow of traffic. Either way, there are PLENTY of systems out there pretending to be something they aren't. I often try to connect to them and get some data, but most either won't give an IP, or if they do, they don't forward packets or respond with anything worthwhile. Dumb users in adhoc mode. I run a pretty tight system, so perhaps those faux APs are trying to detect other configs (Client for MS/Netware, F/P Sharing, SNMP, WINS, IPX, etc). No they're just poor clueless users with bad software. -Jim P. -- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting [email protected] GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
|