Protected WLAN

JD jd1008 at gmail.com
Sun May 22 23:43:04 UTC 2011


On 05/22/11 16:00, Tim wrote:
> Yay!  He's got it...
>
> You do realise what the MAC is for?  It's the name of that particular
> hardware interface, it's address, it's location...  So that when data
> goes out on the wire, that's where it's intended for.
>
> As far as network switches and routers go, it's the way of saying data
> for IP 192.168.1.whatever goes to/through MAC xx:yy:zz:etc.  It's the
> MAC it's using.
>
> It's a vital part of basic networking, whether encrypted or not, it
> can't be hidden from view.
>
> Filtering using it can only ever be slightly effective.  Likewise with
> filtering by IP.  Both are readily seen on a network, even if the data
> can't be read.  And both are easily changed.
>
> Encryption, on the other hand, involves co-relating pseudo-random keys
> on both half of the connection.  Where the key is a computation against
> a pass-phrase, and requires both sides to use the same pass phrase, and
> maths.  A third party is going to have one hell of a time trying to fake
> their way into that, unless the encryption scheme is crap (e.g. WEP and
> WPA are useless).
>
> Usually, well encrypted connections are hacked by:  Guessing stupidly
> chosen passwords or stealing them (copying written notes, implanting
> trojans, asking someone to login to something and hoping they'll use the
> same password).  The latter being dead easy.  Lots of people use the
> same password for everything.  And how often do you see some website
> that asks you to login using your Hotmail address and password?  And
> people do, without giving any thought about it.
>
Is there a tool or set of procedures that can identify
the source of an attack before it succeeds?
It seems to me that the net is really at the mercy of
the  wireless router/gateway. If it does not have/provide
a mechanism to send and alert to a daemon on a specific
machine about attempted break-ins (such as repeated
attempts of guessing the passphrase from some specific
IP address), we will never know of these attempts 'til
much later, or much too late.


More information about the users mailing list