Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Wifi Security

  • From: Stephen J. Wilcox
  • Date: Mon Nov 21 16:53:24 2005

On Mon, 21 Nov 2005, Joel Jaeggli wrote:
> On Mon, 21 Nov 2005, Stephen J. Wilcox wrote:
> > On Mon, 21 Nov 2005, Patrick W. Gilmore wrote:
> >> On Nov 21, 2005, at 9:42 AM, Ross Hosman wrote:
> >>
> >> Why would you even need to set up an AP?  Why not just sit and sniff traffic?
> >> Gets you the _exact_ same information.
> >
> > man in the middle is easier if you are the gateway, no need to steal arp
> 
> you don't have to steal arp on a wireless network, you just sniff the 
> frames as they go by.

> What do you learn by looking at someone's ipsec, ssl-wrappered, or ssh
> tunneled traffic?

no, we're not trying to do that, you dont really think that because its
encrypted it cant be decrypted do you?

for example, we want to intercept the encrypted data which we do by putting
ourselves inbetween the client and the server and pretending to be the server to
the client and the client to the server.. we relay security information and hope
the user clicks 'yes' when they are told the host key has changed

you dont have to break the code if the endpoints trust sessions with you and 
share their encryption keys

Steve





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.