FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 11-27-2007, 02:13 PM
Felipe Figueiredo
 
Default MAC security ( Question about Wireless)

Em Tuesday 27 November 2007 12:45:26 Nils Kassube escreveu:

> MAC filtering means that the AP only talks to a known set of MAC
> addresses. It isn't secure because you can set some (maybe all?) wireless
> cards to arbitrary MAC addresses - but there are problems doing it. 1) It
> may be illegal. 2) If the real owner of that MAC address is active there
> will be lots of collisions and possibly both clients can't do anything
> usefull.

Interesting. I assume one would have to know beforehand of a permitted MAC in
order to use this attack vector.

Just out of curiosity, is there any known way (not brute force) to discover
such permitted MAC addresses that script kids can exploit?


> Anyway, if you want to have a rather secure wireless network,
> use WPA/WPA2.

I already do, thanks.

FF

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 02:40 PM
"Miano, Steven M."
 
Default MAC security ( Question about Wireless)

> -----Original Message-----
> From: ubuntu-users-bounces@lists.ubuntu.com [mailto:ubuntu-users-
> bounces@lists.ubuntu.com] On Behalf Of Felipe Figueiredo
> Sent: Tuesday, November 27, 2007 10:13 AM
> To: Ubuntu user technical support, not for general discussions
> Subject: MAC security (Re: Question about Wireless)
>
> Em Tuesday 27 November 2007 12:45:26 Nils Kassube escreveu:
>
> > MAC filtering means that the AP only talks to a known set of MAC
> > addresses. It isn't secure because you can set some (maybe all?)
> wireless
> > cards to arbitrary MAC addresses - but there are problems doing it. 1)
> It
> > may be illegal. 2) If the real owner of that MAC address is active there
> > will be lots of collisions and possibly both clients can't do anything
> > usefull.
>
> Interesting. I assume one would have to know beforehand of a permitted MAC
> in
> order to use this attack vector.
>
> Just out of curiosity, is there any known way (not brute force) to
> discover
> such permitted MAC addresses that script kids can exploit?
>
>
> > Anyway, if you want to have a rather secure wireless network,
> > use WPA/WPA2.
>
> I already do, thanks.
>
> FF
>
> --
> ubuntu-users mailing list
> ubuntu-users@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

The WAP I use at home only accepts 4 different MAC addresses, my laptop, my work laptop, my roommate's laptop, and my roommate's work laptop. It also only allows for 7 IPs to be leased out from it, ever. If someone were to sniff the packets and discover any of the 4 different MAC addresses and then spoof the MAC address with their own computer, that's fabulous, and if they really want to go that far to use our internet connection, good on them.

Sniffing packets at a local Starbucks you can farm MAC addresses if you really want to, but really it's not something that anyone would really have an interest in doing.

Seriously though, how secure do you need your WAP, and what do you do for a living that you need to wear that tin foil hat?

CONFIDENTIALITY NOTICE: This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. If you are not the intended recipient of this e-mail, please notify the sender immediately by return e-mail, purge it and do not disseminate or copy it.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 02:47 PM
Nils Kassube
 
Default MAC security ( Question about Wireless)

Felipe Figueiredo wrote:
> Em Tuesday 27 November 2007 12:45:26 Nils Kassube escreveu:
> > MAC filtering means that the AP only talks to a known set of MAC
> > addresses. It isn't secure because you can set some (maybe all?)
> > wireless cards to arbitrary MAC addresses - but there are problems
> > doing it. 1) It may be illegal. 2) If the real owner of that MAC
> > address is active there will be lots of collisions and possibly both
> > clients can't do anything usefull.
>
> Interesting. I assume one would have to know beforehand of a permitted
> MAC in order to use this attack vector.
>
> Just out of curiosity, is there any known way (not brute force) to
> discover such permitted MAC addresses that script kids can exploit?

Well, not exactly, i.e. the AP doesn't transmit a list of accepted
clients. But if you can listen to the traffic of the AP with a particular
client you can find out the client's MAC. I don't know exactly which
program to use, but I suppose there are several available. If you google
for "wordriving" you will probably find them. Or maybe in the links in
this article about cracking WEP are a starting point:
<http://www.heise-security.co.uk/news/87889>


Nils

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 03:21 PM
Derek Broughton
 
Default MAC security ( Question about Wireless)

Miano, Steven M. wrote:

>> bounces@lists.ubuntu.com] On Behalf Of Felipe Figueiredo
>>
>> Em Tuesday 27 November 2007 12:45:26 Nils Kassube escreveu:
>>
>> > MAC filtering means that the AP only talks to a known set of MAC
...
>> Interesting. I assume one would have to know beforehand of a permitted
>> MAC in order to use this attack vector.
>>
>> Just out of curiosity, is there any known way (not brute force) to
>> discover
>> such permitted MAC addresses that script kids can exploit?

ethereal/wireshark

> The WAP I use at home only accepts 4 different MAC addresses, my laptop,
> my work laptop, my roommate's laptop, and my roommate's work laptop. It
> also only allows for 7 IPs to be leased out from it, ever. If someone were
> to sniff the packets and discover any of the 4 different MAC addresses and
> then spoof the MAC address with their own computer, that's fabulous, and
> if they really want to go that far to use our internet connection, good on
> them.

It's not fabulous, because it can make it impossible for _you_ to use that
MAC.

> Sniffing packets at a local Starbucks you can farm MAC addresses if you
> really want to, but really it's not something that anyone would really
> have an interest in doing.

?? It certainly is. With a router between your LAN and the Internet, you
really don't have to worry too much about intrusions from the Internet -
and if you're using HTTPS and TLS for anything sensitive they can't sniff
the data - but if you're letting somebody onto your wireless LAN, suddenly
they're inside your firewall and have access to your own computers.

> Seriously though, how secure do you need your WAP, and what do you do for
> a living that you need to wear that tin foil hat?

This is just basic security - not "tin foil hat" territory, but it's pretty
funny when you follow it by _this_ which is real tin foil hat stuff:
>
> CONFIDENTIALITY NOTICE: This e-mail may contain information that is
> privileged, confidential or otherwise protected from disclosure. If you
> are not the intended recipient of this e-mail, please notify the sender
> immediately by return e-mail, purge it and do not disseminate or copy it.

--
derek


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 03:23 PM
Nils Kassube
 
Default MAC security ( Question about Wireless)

Miano, Steven M. wrote:
> Seriously though, how secure do you need your WAP, and what do you do
> for a living that you need to wear that tin foil hat?

The problem is liability. If somebody uses my internet connection for
criminal activity I may be liable because I am responsible for the use of
the IP address given to me.


Nils

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 03:25 PM
Leo Cacciari
 
Default MAC security ( Question about Wireless)

Il giorno mar, 27/11/2007 alle 10.40 -0500, Miano, Steven M. ha scritto:
> Seriously though, how secure do you need your WAP, and what do you do for a living that you need to wear that tin foil hat?
Hi Steven,
the problem is not what _I_ do, the problem is (could be) what someone
hijacking my Internet connection could do. As a rule, you are hold
responsible for any use of your Internet connection, both from your ISP
and by the Law. If someone uses your Internet connection for illegal
purposes _you_ could be held responsible, unless _you_ prove it wasn't
you accessing the Internet with your ISP account. Proving that sort of
thing can be at best a PITA and at worst _impossible_. Thus, event
thought you've nothing to hide, I'll advise you to use some stronger
authentication technique on your WAP.

Note:
legal issues are different from one country to another, thus maybe the
above doesn't apply to you. But I'm ready to bet that if someone use
your wireless connection to send some million spam messages your ISP
will terminate your account without even bothering telling you why.

--
Leo "TheHobbit" Cacciari

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 03:47 PM
Derek Broughton
 
Default MAC security ( Question about Wireless)

Nils Kassube wrote:

> Miano, Steven M. wrote:
>> Seriously though, how secure do you need your WAP, and what do you do
>> for a living that you need to wear that tin foil hat?
>
> The problem is liability. If somebody uses my internet connection for
> criminal activity I may be liable because I am responsible for the use of
> the IP address given to me.

It's not even necessarily that you could be held liable for something known
to have been done by somebody else. If somebody is downloading kiddie-porn
over your connection, and your IP is found in the investigation, you're
going to be treated as a criminal right up to the point that they find
proof that you didn't do it - and maybe beyond. And, frankly, I don't
think you'll get (or deserve) much sympathy.
--
derek


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 04:15 PM
Nils Kassube
 
Default MAC security ( Question about Wireless)

Derek Broughton wrote:
> Miano, Steven M. wrote:
> > Seriously though, how secure do you need your WAP, and what do you do
> > for a living that you need to wear that tin foil hat?
>
> This is just basic security - not "tin foil hat" territory, but it's
> pretty
>
> funny when you follow it by _this_ which is real tin foil hat stuff:
> > CONFIDENTIALITY NOTICE: This e-mail may contain information that is
> > privileged, confidential or otherwise protected from disclosure. If
> > you are not the intended recipient of this e-mail, please notify the
> > sender immediately by return e-mail, purge it and do not disseminate
> > or copy it.

Ooops - I missed that funny part of the mail and replied anyway. As I'm
not sure I was an "intended recipient", I will now go and wash my brain
to forget the contents of that particular mail


Nils

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 05:04 PM
"Miano, Steven M."
 
Default MAC security ( Question about Wireless)

> -----Original Message-----
> From: ubuntu-users-bounces@lists.ubuntu.com [mailto:ubuntu-users-
> bounces@lists.ubuntu.com] On Behalf Of Nils Kassube
> Sent: Tuesday, November 27, 2007 12:15 PM
> To: ubuntu-users@lists.ubuntu.com
> Subject: Re: MAC security (Re: Question about Wireless)
>
> Derek Broughton wrote:
> > Miano, Steven M. wrote:
> > > Seriously though, how secure do you need your WAP, and what do you do
> > > for a living that you need to wear that tin foil hat?
> >
> > This is just basic security - not "tin foil hat" territory, but it's
> > pretty
> >
> > funny when you follow it by _this_ which is real tin foil hat stuff:
> > > CONFIDENTIALITY NOTICE: This e-mail may contain information that is
> > > privileged, confidential or otherwise protected from disclosure. If
> > > you are not the intended recipient of this e-mail, please notify the
> > > sender immediately by return e-mail, purge it and do not disseminate
> > > or copy it.
>
> Ooops - I missed that funny part of the mail and replied anyway. As I'm
> not sure I was an "intended recipient", I will now go and wash my brain
> to forget the contents of that particular mail
>
>
> Nils
>
> --
> ubuntu-users mailing list
> ubuntu-users@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users


Too true that it's illegal to use someone else's wireless access point:

http://money.cnn.com/2005/07/07/technology/personaltech/wireless_arrest/index.htm

If someone else uses your internet connection (that your responsible for) they are liable for it.

By your thought process I shouldn't leave my gun on my nightstand with a round in the chamber because if someone were to come into my home and shoot my roommate then I'd be liable for killing my roommate?

I just think some of you guys are going a bit extreme for home/network security. If you really need security you shouldn't be wireless anyway.




CONFIDENTIALITY NOTICE: This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. If you are not the intended recipient of this e-mail, please notify the sender immediately by return e-mail, purge it and do not disseminate or copy it.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-27-2007, 05:21 PM
Nils Kassube
 
Default MAC security ( Question about Wireless)

Derek Broughton wrote:
> It's not even necessarily that you could be held liable for something
> known to have been done by somebody else. If somebody is downloading
> kiddie-porn over your connection, and your IP is found in the
> investigation, you're going to be treated as a criminal right up to the
> point that they find proof that you didn't do it - and maybe beyond.
> And, frankly, I don't think you'll get (or deserve) much sympathy.

Exactly. That's why I can't understand that some people let random
strangers use their WAP. I wouldn't mind the bandwidth if I'm not
currently needing it myself, but I might object to the unknown contents
of their traffic.


Nils

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 12:57 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org