[86883] in North American Network Operators' Group
Re: Wifi Security
daemon@ATHENA.MIT.EDU (Niels Bakker)
Mon Nov 21 10:37:10 2005
Date: Mon, 21 Nov 2005 16:36:43 +0100
From: Niels Bakker <niels=nanog@bakker.net>
To: nanog@merit.edu
Mail-Followup-To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0511211502550.25860-100000@server2.tcw.telecomplete.net>
Errors-To: owner-nanog@merit.edu
* steve@telecomplete.co.uk (Stephen J. Wilcox) [Mon 21 Nov 2005, 16:07 CET]:
>On Mon, 21 Nov 2005, Patrick W. Gilmore wrote:
>>Why would you even need to set up an AP? Why not just sit and sniff
>>traffic? Gets you the _exact_ same information.
>man in the middle is easier if you are the gateway, no need to steal arp
It's *wireless*! You can just sit and sniff traffic, no need to play
ARP games to redirect traffic to you.
>heres some fun, next time you're at nanog or your favourite geek
>conference, just run 'tcpdump -w - -s1500 -nn|strings|grep -i password'
>and be prepared to hit scroll lock ;)
I've visited conferences where the wireless LAN was deemed "secure" by
the organisation because they had outlawed sniffers.
-- Niels.
