Protected WLAN
JD
jd1008 at gmail.com
Sun May 22 15:40:56 UTC 2011
On 05/22/11 07:14, Tim wrote:
> Mikkel L. Ellertson:
>>> They do not usually guess. The use a program that monitors the
>>> traffic, and captures the MAC address of any system that connects to
>>> the router. They then use one of these to connect.
> JD:
>> So, the initial connection request goes in the clear!
>> Now that's security!! :)
> It has to work that way. You connect a route, then encrypt traffic that
> will go through it. The connection setup isn't doing anything that
> gives away secrets, it's just connecting two things together.
>
I was referring to the use of MAC filtering which is
soundly defeated by the transmission of the MAC
in the clear. So, MAC filtering is absolutely useless
as a security measure.
If I turn off my machine, the hacker has my MAC, and
will have 1 less thing to worry about getting.
My reliance is then totally on wpa2-psk/aes and a
well chosen 63 byte pass-phrase.
> And as far as how long does it take. Well, on a network that may have
> 50 megabit per second speed, sending out numerous relatively smaller
> packets (all with networking headers) hundreds or thousands of times per
> second, how long do you think it would take to see data *about* the
> connections?
>
> Blink, and you'll miss it.
Not with modern day scanners which capture packets continuously.
More information about the users
mailing list