| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: kf_lists at secnetops.com (KF (lists)) Subject: Cisco LEAP exploit tool... http://classes.weber.edu/wireless/ -KF Jeff Schreiner wrote: >7 miles away is stretching it a bit far considering that all 802.11g >wireless transmissions range between 2.4 - 2.4835 Ghz 802.11a/h/j range >between 5.47 - 5.725 Ghz not only are the frequencies prone to scatter...the >radio waves bounce off everything. All wireless routers are limited by FCC >regulations to a maximum of 1 watt. > >http://www.odessaoffice.com/wireless/fcc_ism.html > >(1) For frequency hopping systems in the 2400-2483.5 MHz band employing at >least 75 hopping channels, all frequency hopping systems in the 5725-5850 >MHz band, and all direct sequence systems: 1 watt. For all other frequency >hopping systems in the 2400-2483.5 MHz band: 0.125 watts. > >To get a 2.4 Ghz signal to travel 7 miles you would have to install an >amplifier to boost the output to somewhere between 5 to 10 watts a 5 Ghz >signal would require even more at which point you're in violation of FCC >rules and Uncle Sam might come looking for ya. > >Just an FYI. > >-----Original Message----- >From: full-disclosure-admin@...ts.netsys.com >[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Williams Jon >Sent: Wednesday, April 14, 2004 2:15 PM >To: Paul Schmehl; Email List: Full Disclosure >Subject: RE: [Full-Disclosure] Cisco LEAP exploit tool... > >Well, that depends. For example, if you aren't using some form of >strong authentication (i.e. smart cards, SecureID tokens, etc.) then its >possible for someone to steal a laptop, use something like Cain (from >the package Cain & Able) to extract their password from the registry. >With that and a known wireless laptop, the attacker can then access your >whole network from the parking lot (or the neighbor's house, or 7 miles >away, etc.) > >While the same password vulnerability exists for non-wireless >environments, it does mean that the attacker would have to have physical >access to the building to use the credentials. > >Jon > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > > >
Powered by blists - more mailing lists