[NCLUG] (offtopic) WLAN wardriving in FC
Michael Dwyer
mdwyer at sixthdimension.com
Wed Oct 9 11:03:35 MDT 2002
Michael Milligan wrote:
> Michael Dwyer wrote:
>> Benson Chow wrote:
>>
>>> Just curious... but I guess I should change WEP keys more often.
>>
>> Don't count on the key too much.
>
> If your AP supports it, you can enable access controls to only allow
> certain MAC addresses to associate. That's been a reasonable way to
> stop freeloaders for me.
>
> Of course, that doesn't stop eavesdroppers. So ditto on the "use
> encryption at a higher layer".
Also, at least some wireless cards allow you to change their mac
address, so even this is of only limited use. A dedicated hacker need
only sniff a valid MAC, and start using it. Then, he's also in line for
a nice man-in-the-middle attack. Spectacular.
In general, if you're using wireless, you're probably screwed. Apply
encryption to suit.
This link is Peter Shipley's presentation at DefCon9 regarding this
whole thing. It was quite eye-opening! Oh, and if your eyes are good,
you can see me near the end of the clip. :)
rtsp://media-1.datamerica.com/defcon/dc-9/video/dc-09-peter-shipley-video.rm
More information about the NCLUG
mailing list