Re: [Full-disclosure] Wi-fi. Approaching customers
- To: Ryan Sumida <rsumida@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Wi-fi. Approaching customers
- From: "Konstantin V. Gavrilenko" <mlists@xxxxxxxxxx>
- Date: Wed, 16 Mar 2005 17:29:53 +0000
What great possibilities for remote DoS.
Just imagine what would happen to a finely tuned network when an attacker starts
cloning the MAC addresses :)
--
Respectfully,
Konstantin V. Gavrilenko
Arhont Ltd - Information Security
web: http://www.arhont.com
http://www.wi-foo.com
e-mail: k.gavrilenko@xxxxxxxxxx
tel: +44 (0) 870 44 31337
fax: +44 (0) 117 969 0141
PGP: Key ID - 0x4F3608F7
PGP: Server - keyserver.pgp.com
Ryan Sumida wrote:
I am no Wi-Fi expert by any means but I will try to convey what they
told me in layman's terms. Their product uses passive sensors that
basically just listen for any kind of WiFi traffic. Using the signal
strength, attenuation, and some other attributes, their algorithm
creates an RF fingerprint for the location of a device. So as an
example, if you are standing at your desk the RF fingerprint would look
like this.
RF fingerprint for Device 1
Sensor1 #################
Sensor2 ######
Sensor3 ##########
Sensor4 ############################
As you physically move the device around the RF fingerprint changes.
That's basically what they did to set up the device in our office. Once
the room is calibrated, you can define the actions for each virtual zone
through their management software.
Hope that helps some,
Ryan
"KF (Lists)" <kf_lists@xxxxxxxxxxxxxxxxxxx> wrote on 03/15/2005 04:35:27 PM:
>
> hrmm... is that based on signal strength or something?
> -KF
>
> Ryan Sumida wrote:
> >
> > As a side note..
> >
> > Newbury Networks has a product called WiFi Watchdog that can allow/deny
> > access based on physical location. As an example, it can be configured
> > where anyone outside the building walls can not connect to the network
> > but once they move inside the building they are allowed access. Sounds
> > like black magic but it works (a rep came down and showed us a demo
> > yesterday) and can help manage who gets on an open WiFi network like
> > Matthew's.
> >
> > Ryan Sumida
> > Network Services, CSU Long Beach
> >
> >
> > full-disclosure-bounces@xxxxxxxxxxxxxxxxx wrote on 03/15/2005 01:27:43 PM:
> >
> > >
> > > Matthew Sabin wrote:
> > >
> > > > My company has made a conscious decision to leave our WiFi open to
> > > > visitors, while our internal machines connect via IPSec on the open
> > > > airwaves.
> > > > A drive-by would show the open nature of our WiFi, but wouldn't
> > > > immediately tell you that we've secured our business fairly well.
> > >
> > > but what if someone uses your unsecured network to download copyrighted
> > > material (just mp3s are enough :->) or to send porn?
> > >
> > > An unsecured WiFi may have serious legal consequences.
> > >
> > > And to come back on the original topic: These legal consequences may be
> > > good arguments to convince customers that they need to get their network
> > > secured.
> > >
> > > Ciao
> > > Marcus
> > >
> > > --
> > > Hail Eris! Hail Discordia!
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://www.secunia.com/
> >
> >
> >
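Added example, not part of the original thread and not Newbury Networks' algorithm: a sketch of the zone-based allow/deny idea Ryan describes, with a check for the MAC-cloning case Konstantin raises. The nearest-fingerprint matching, sensor names, RSSI values, thresholds and MAC addresses are all constructed assumptions.

```python
import math

# Constructed calibration data: mean RSSI (dBm) heard by each passive sensor
# while a device sits in each zone. Names and values are assumptions.
ZONES = {
    "desk":        {"s1": -55, "s2": -80, "s3": -70, "s4": -45},
    "lobby":       {"s1": -75, "s2": -50, "s3": -65, "s4": -80},
    "parking_lot": {"s1": -88, "s2": -85, "s3": -90, "s4": -86},
}
POLICY = {"desk": "allow", "lobby": "allow", "parking_lot": "deny"}
FLOOR = -95      # assumed reading for a sensor that heard nothing
MAX_DIST = 15.0  # assumed: farther than this from every zone means "unknown"

def distance(a, b):
    """Euclidean distance between two per-sensor RSSI fingerprints."""
    keys = set(a) | set(b)
    return math.sqrt(sum((a.get(k, FLOOR) - b.get(k, FLOOR)) ** 2 for k in keys))

def classify(obs):
    """Return the calibrated zone nearest to obs, or 'unknown'."""
    zone, d = min(((z, distance(obs, fp)) for z, fp in ZONES.items()),
                  key=lambda t: t[1])
    return zone if d <= MAX_DIST else "unknown"

def decide(obs):
    """Fail closed: unknown locations are denied."""
    return POLICY.get(classify(obs), "deny")

def cloned_macs(frames, window=2.0):
    """Flag (for review, not blocking) MACs heard from two different zones
    within `window` seconds, so a clone cannot lock out the real station."""
    last, flagged = {}, set()
    for ts, mac, obs in sorted(frames, key=lambda f: f[0]):
        zone = classify(obs)
        if mac in last and zone != last[mac][1] and ts - last[mac][0] <= window:
            flagged.add(mac)
        last[mac] = (ts, zone)
    return flagged

# Constructed sample frames: (timestamp_s, source MAC, per-sensor RSSI).
FRAMES = [
    (0.0, "02:00:00:00:00:01", {"s1": -57, "s2": -78, "s3": -72, "s4": -47}),
    (0.5, "02:00:00:00:00:01", {"s1": -90, "s2": -86, "s3": -88, "s4": -85}),
    (1.0, "02:00:00:00:00:02", {"s1": -74, "s2": -52, "s3": -66, "s4": -79}),
    (5.0, "02:00:00:00:00:02", {"s1": -74, "s2": -52, "s3": -66, "s4": -79}),
]

if __name__ == "__main__":
    print([decide(f[2]) for f in FRAMES], cloned_macs(FRAMES))
```

The access decision is made per observed fingerprint rather than per MAC address, which is what keeps a cloned address seen from the parking lot from changing the outcome for the station at the desk.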