Re: Wireless Pent-Test

From: goat (goat@severus.org)
Date: Mon Oct 06 2003 - 16:27:22 EDT

• Next message: Muhammad Faisal Rauf Danka: "Re: SMTP Survey"
• Previous message: Gregory Spath: "Re: Wireless Pent-Test"
• In reply to: Michael J. Semaniuk: "Re: Wireless Pent-Test"
• Next in thread: Steve De Doncker: "RE: Wireless Pent-Test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Mike is right, but the concept of protecting your clients extends much further than your corporate WAPs. The Blaster worm showed that protecting mobile users is critical. Most places block 135 at the border, but worker-bees who had their laptops connected at home brought the infection to work the next day.

Another example: A "friend of mine" who travels a lot entertains himself in the airport by putting his OpenBSD laptop into HostAP mode and waiting for people to associate. When they do, his dhcpd provides an IP to them, allowing him to scan and prod them if he wanted to. Thankfully, this guy has SOME scruples and doesn't poke around with these people, but he has proven that the attack vector is real. What would happen to an internal corporate network if one of these laptops were backdoored with a "phone-home" program?

goat

Michael J. Semaniuk wrote:
> Hey Cesar,
>
> Implementing WEP is a good start. However, you need to be concerned about
> the clients themselves as well. I would consider the use of a personal
> firewall and VPN client in addition to WEP. You could use the personal
> firewall to drop anything destined for the client, and you could force all
> network traffic to come to the home office via an IPSec tunnel. The
> encryption associated with IPSec is infinitely better than WEP, and will
> protect your data better in the long run. Just a thought...
>
> -Mike
> ----- Original Message -----
> From: "Cesar Diaz" <cesadiz@yahoo.com>
> To: <pen-test@securityfocus.com>
> Sent: Saturday, October 04, 2003 9:16 PM
> Subject: Wireless Pent-Test

---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------

• Next message: Muhammad Faisal Rauf Danka: "Re: SMTP Survey"
• Previous message: Gregory Spath: "Re: Wireless Pent-Test"
• In reply to: Michael J. Semaniuk: "Re: Wireless Pent-Test"
• Next in thread: Steve De Doncker: "RE: Wireless Pent-Test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:41 EDT