Text 342, 110 rader
Skriven 2005-05-29 18:31:10 av Michiel van der Vlist (2:280/5555)
    Kommentar till text 339 av Peter Knapper (3:772/1.10)
Ärende: Sharing InterNet between more machines on the LAN
=========================================================
Hello Peter,

 >> Careful now, thats a rather weak assumption........;-) If your WLAN
 >> does not use proprietary security methods to stop it happening,
 >> then the moment one of your machines sends out a BROADCAST, the
 >> MAC address will be splattered all over your neighbourhood....;-)

 MvdV>> So? What use is that to hacker? How does it help the
 MvdV>> hacker to gain access to things he should not have
 MvdV>> access to?

 > I am glad you asked, because few people really understand the
 > TRUE impact of seemingly inconsequential actions on their
 > part. Once your MAC is known, your IP address can be found,

Well, the IP adresses aren't so diffiucult to guess anyway. There are a limited
number of these home routers around and their DHCP servers all use the same 3
or 4 blocks of Ip adresses.

 > and once your IP address is known, your IP traffic can be
 > "managed" by the hacker. Also using the MAC a hacker can use
 > his own AP to "take control" of the Wireless environment as
 > seen by YOUR machine and effectively stop your machine from
 > being seen by the "real" AP.

I am a ham. I may not know the ins and outs of WiFi protocols, but I do know
quite a bit about radio. And I know that creating interference is easy, but
totally overpowering another transmitter in such a way that the reciever is not
even aware that something odd is happening is not that easy.

The only practical way to do it is to be a lot closer to the target than the
riginal transmitter. And getting closer to my AP then my laptop without me
seeing it is e real feat.

That is unless one uses a transmitter that has a LOT more power than the legal
20 mW and these are illegal and not so easy to obtain. When I say a LOT mor4e
power, I do not mean a mere quadruppling. I mean increasing the transmiter
power a hundred or a thousand times. That menas a totally different kind of
haccker than the run of the mill war chalker.

 > At this point your machine talks to a "fake" AP and the hacker
 > then controls all your traffic and emulates your machine to
 > the real AP.

I do not see how that would gain him confidential information stored on a
machine other then the only one making use of the AP: the laptop.

 > Most of this is a lot harder to do in a Wired Network,

Indeed, tapping into the wires without my knowledge would be a nice trick
indeed...

 > its just a pity the Wireless world rushed to market
 > without thinking things through fully.

I always wonder why they just can't do things like that right. Strong
encryption has been around for some time, so why not use it? And why not use it
as an overall shell? Why are the MAC addresses transmited in clear instead of
encrypting them as well, so that it MAC address filtering would be more
effective?

 > Yes, please note that all this can only happen using the
 > current common "standards" in the Wireless world. If you add
 > any extra security NOT based on the WiFi standard, then you
 > are a bit safer from this.

Doesn't that slow things down?

 MvdV>>  MvdV>> Go for UTP if you do not really need WiFi. It is
 MvdV>>  MvdV>> cheaper and more secure.

 >> Thats the best suggestion made to date........;-)

 MvdV>> Well, security is fine but one can also overdo it.

 > Absolutely, but as a minimum have some security is better than
 > none.

That is why I only use WiFi for the laptop, have anebaled MAC adress filtering
and WEP. (I use old stuff, it does not support WPA, let alone WPA2.)

 MvdV>> I know all my neighbours to the extent that we trust each
 MvdV>> other with the keys of our house.

 > Now that sounds like a prety good neigbourhood, one that seems
 > to be slowly vanshing from modern society...

It is indeed a pretty good neighboorhood and I am afraid it will not stay to be
that way either... :-(

 > Would you trust your neighours having a Wired connection to you
 > home LAN without your direct knowledge?

I would trust my neighbour with a wired connection and this is in fact what may
happen shortly. Of course a neighbour attempting to tap into my LAN without my
knowledge would automatically forfeit that trust.

 MvdV>> It /is/ convenient to not have wires on the laptop. I balance
 MvdV>> the convenience against the risk. I sleep at night...

 > And that is the basis that most home users work on, I just
 > wonder if anything really bothers them...

As long as 99.9% percent of them gets away with it, that attitude won't
change...

Cheers, Michiel

---
 * Origin: http://www.vlist.fidosoft.de (2:280/5555)