| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: mlists at arhont.com (Konstantin V. Gavrilenko) Subject: Wi-fi. Approaching customers What a great possibilities for remote dos. Just imagine what would happen to a finely tuned network, when attacker starts cloning the mac addresses :) -- Respectfully, Konstantin V. Gavrilenko Arhont Ltd - Information Security web: http://www.arhont.com http://www.wi-foo.com e-mail: k.gavrilenko@...ont.com tel: +44 (0) 870 44 31337 fax: +44 (0) 117 969 0141 PGP: Key ID - 0x4F3608F7 PGP: Server - keyserver.pgp.com Ryan Sumida wrote: > > I am no Wi-Fi expert by any means but I will try to convey what they > told me in layman terms. Their product uses passive sensors that > basically just listen for any kind of WiFi traffic. Using the signal > strength, attenuation, and some other attributes, their algorithm > creates an RF fingerprint for the location of a device. So as an > example, if you are standing at your desk the RF fingerprint would look > like this. > > RF fingerprint for Device 1 > Sensor1 ################# > Sensor2 ###### > Sensor3 ########## > Sensor4 ############################ > > As you physically move the device around the RF fingerprint changes. > That's basically what they did to setup the device in our office. Once > the room is calibrated, you can define the actions for each virtual zone > through their management software. > > Hope that helps some, > > Ryan > > > "KF (Lists)" <kf_lists@...italmunition.com> wrote on 03/15/2005 04:35:27 PM: > > > > > hrmm... is that based on signal strength or something? > > -KF > > > > Ryan Sumida wrote: > > > > > > As a side note.. > > > > > > Newbury Networks has a product called WiFi Watchdog that can > allow/deny > > > access based on physical location. As an example, it can be > configured > > > where anyone outside the building walls can not connect to the network > > > but once they move inside the building they are allowed access. > Sounds > > > like black magic but it works (a rep came down and showed us a demo > > > yesterday) and can help manage who gets on an open WiFi network like > > > Matthew's. > > > > > > Ryan Sumida > > > Network Services, CSU Long Beach > > > > > > > > > full-disclosure-bounces@...ts.grok.org.uk wrote on 03/15/2005 > 01:27:43 PM: > > > > > > > > > > > Matthew Sabin wrote: > > > > > > > > > My company has made a conscious decision to leave our WiFi open to > > > > visitors, while our internal machines connect via IPSec on the open > > > airwaves. > > > > > A drive-by would show the open nature of our WiFi, but wouldn't > > > > immediately tell you that we've secured our business fairly well. > > > > > > > > but what if someone uses your unsecured network to download > copyrighted > > > > material (just mp3s are enough :->) or to send porn? > > > > > > > > An unsecured WiFi may have serious legal consequences. > > > > > > > > And to come back on the original topic: These legal consequences > may be > > > > good arguments to convince customers that they need to get their > network > > > > secured. > > > > > > > > Ciao > > > > Marcus > > > > > > > > -- > > > > Hail Eris! Hail Discordia! > > > > _______________________________________________ > > > > Full-Disclosure - We believe in it. > > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > > Hosted and sponsored by Secunia - http://www.secunia.com/ > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://www.secunia.com/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://www.secunia.com/
Powered by blists - more mailing lists