LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Blogs > taupist
User Name
Password

Notices

Rate this Entry

Wireless security and MITM

Posted 08-20-2006 at 01:26 PM by taupist

<div class="alt1">&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; Most of us have heard of "Man In The Middle" attacks, one form that MITM takes is this:
<br /> &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; You go into a coffee shop that has a WAP and log on, pretty soon a guy comes in and sits down a few tables away from you. When he logs on (unknown to you), he activates a virtual WAP. This is possible with the Atheros wireless chipset which can be both a wireless client and virtual WAP at the same time. If he can find a way to interrupt your wireless signal then your system will automatically bind to the next strongest signal (which is probably his virtual WAP). So, just that easy, your network traffic is routed through his laptop. At this point I'll just ask you to use your imagination . . .
<br />&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; To avoid this situation, you have to check the configuration of your wireless card. You're looking for a setting called "ESSID", if your "ESSID=any" then you are vulnerable. Just blank the "ESSID" field and save the configuration. Now, whenever you don't have a connection you have to manually select a network from the list and type in your Root password to connect. Problem solved.
<br /> &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; BTW, if you let someone 'gank' your system like that it is the moral equivilant of what's called the "fools mate" in chess. Ever heard of that?!
</div>
Posted in Uncategorized
Views 855 Comments 1
« Prev     Main     Next »
Total Comments 1

Comments

  1. Old Comment
    That reminds me. I found the perfect kind card for this kind of hacking. Its based on the atheros chipset.



    http://www.newegg.com/Product/Product.asp?Item=N82E16833338014R

    omg, its so cheap! I have it.


    I'm gonna wreak havoc.


    Posted 12-31-1969 at 07:00 PM by taupist taupist is offline
 

  



All times are GMT -5. The time now is 06:35 PM.

Main Menu
Advertisement

My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration