[86897] in North American Network Operators' Group
Re: Wifi Security
daemon@ATHENA.MIT.EDU (Niels Bakker)
Mon Nov 21 13:12:37 2005
Date: Mon, 21 Nov 2005 19:12:10 +0100
From: Niels Bakker <niels=nanog@bakker.net>
To: nanog@merit.edu
Mail-Followup-To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.64.0511210949320.2939@twin.uoregon.edu>
Errors-To: owner-nanog@merit.edu
* joelja@darkwing.uoregon.edu (Joel Jaeggli) [Mon 21 Nov 2005, 18:52 CET]:
>On Mon, 21 Nov 2005, Stephen J. Wilcox wrote:
>>On Mon, 21 Nov 2005, Patrick W. Gilmore wrote:
>>>Why would you even need to set up an AP? Why not just sit and sniff
>>>traffic? Gets you the _exact_ same information.
>>
>>man in the middle is easier if you are the gateway, no need to steal arp
>
>you don't have to steal arp on a wireless network, you just sniff the
>frames as they go by.
As others pointed out (to me as well), for a _man in the middle_ attack
(e.g. impersonating www.paypal.com) it is necessary to play ARP games or
otherwise insert yourself in the flow of traffic.
-- Niels.
