Re: Re: Sneaking a peek on Wlan in airports

From: killy (killfactory@gmail.com)
Date: Fri May 18 2007 - 10:28:59 EDT

• Next message: Mike Gibson: "Format String Vulnerabilities"
• Previous message: M.B.Jr.: "Re: Sneaking a peek on Wlan in airports"
• In reply to: alan: "Re: Re: Sneaking a peek on Wlan in airports"
• Reply: Jason Chambers: "Re: Sneaking a peek on Wlan in airports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

ROFL, that is exactly what I was thinking.

This is a sticky situation really.

Jason,

I have not always agreed with the idea that this is intercepting communications.

If you were to do an arp poisoning or someother MITM ;) attack, then
yes i agree that that is intercepting.

But if you are in promiscuous mode wirelessly, that is kind of like
over hearing a conversation happening in an elevator.

I know that may not stand up in court, but I have always thought that.

Now with that being said, to run some HIDS on you wireless connection
is almost the same right?

So, to protect my self I run in promiscuous mode and I have to evalute
the traffic that is broadcasting and being received by my NIC. I
didn't ask for the traffic to touch my NIC, but it does. So, now a
flase positive is triggered and packets are logged. Not that false
positives ever happen ;-). So am I now in trouble because I picked up
some SMB traffic and it was inaccurately logged and maybe I logged a
sensitive file being transfered?

Maybe I am just a wacko..lol

But this is a fun topic.

-kill

On 5/17/07, alan <alan@clueserver.org> wrote:
> On Thu, 17 May 2007, ebk_lists@hotmail.com wrote:
>
> > I agree wholeheartedly with this view.
> >
> > Not much else to say!
> >
> > If you really feel it is necessary, than trying to advise the person/company of the issue anonymously is an option. Depending on the nature and severity of the issue.
>
> Maybe the airport needs a "Wall of Sheep".
>
> --
> "ANSI C says access to the padding fields of a struct is undefined.
> ANSI C also says that struct assignment is a memcpy. Therefore struct
> assignment in ANSI C is a violation of ANSI C..."
> - Alan Cox
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>
>

-- 
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------

• Next message: Mike Gibson: "Format String Vulnerabilities"
• Previous message: M.B.Jr.: "Re: Sneaking a peek on Wlan in airports"
• In reply to: alan: "Re: Re: Sneaking a peek on Wlan in airports"
• Reply: Jason Chambers: "Re: Sneaking a peek on Wlan in airports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:48 EDT