[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Monday's C'dale meeting topic



> Hmm sounds like a kismet expert here? (I hope)  Maybe you can put
> together some tips on using it.  I have played with it minimally.  I
> hear it can 'detect' Netstumbler but have not found out how.  Have you
> messed with it enough to do this?  I also installed the Festival package
> to play with the voice announcements.  I thought that would make driving
> solo missions safer.  ;-)

Well, I am not an expert with it but I got to play around with it at SANS 
some.  I haven't ever seen it detect netstumbler, but given the nature of 
netstumbler i wouldn't doubt it.  There are a couple of sniffers that you 
might want to look at as well, Mognet 
(http://chocobospore.org/projects/mognet) is a free java-based OS wireless 
sniffer.  There is also Airsnort (http://aiesnort.sourceforge.net) this 
one requires a Prism2 chipset in your wireless card, those are usually 
Linksys.  And needs about 500 Meg of data to crack the WEP key if it is 
all encrypted.

The main problem is that the wireless protocol SUCKS with the encryption 
built into it.  A retarded monkey could crack it.  There are somethings 
that you could do for a defense against it though, it being wardriving not 
the suck ass encryption.

- turn down your antenna's power, it is making your sterile anyways.
- use a VPN check out SLAN for a free one, slan.sourceforge.net.
- don't use the default SSID and don't broadcast the thing.
- check to make sure that you didn't leave the default password on your 
  access point.
- create a DMZ on your firewall that you run your access point off of to 
  ensure that everything is connected right.
- if at all possible do some sort of MAC filtering on the access point, 
  this might become unmanagable with a large amount of connections though.

back to my nap, hope that helped.

tighe

-- 
Tighe Schlottog         workape         fiaid
"Nothing is too cruel if it is funny enough."


-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.