[86887] in North American Network Operators' Group
Re: Wifi Security
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Mon Nov 21 10:53:44 2005
Date: Mon, 21 Nov 2005 15:47:23 +0000 (GMT)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: Niels Bakker <niels=nanog@bakker.net>
Cc: nanog@merit.edu
In-Reply-To: <20051121153643.GA1558@burnout.tpb.net>
Errors-To: owner-nanog@merit.edu
On Mon, 21 Nov 2005, Niels Bakker wrote:
> * steve@telecomplete.co.uk (Stephen J. Wilcox) [Mon 21 Nov 2005, 16:07 CET]:
> >On Mon, 21 Nov 2005, Patrick W. Gilmore wrote:
> >>Why would you even need to set up an AP? Why not just sit and sniff
> >>traffic? Gets you the _exact_ same information.
> >man in the middle is easier if you are the gateway, no need to steal arp
>
> It's *wireless*! You can just sit and sniff traffic, no need to play
> ARP games to redirect traffic to you.
i was more thinking in terms of breaking into encrypted sessions by spoofing the
server and client
> >heres some fun, next time you're at nanog or your favourite geek conference,
> >just run 'tcpdump -w - -s1500 -nn|strings|grep -i password' and be prepared
> >to hit scroll lock ;)
>
> I've visited conferences where the wireless LAN was deemed "secure" by the
> organisation because they had outlawed sniffers.
hehe :)
Steve
