Re: Re: Sneaking a peek on Wlan in airports

To:	alan <alan@clueserver.org>
Subject:	Re: Re: Sneaking a peek on Wlan in airports
From:	killy <killfactory@gmail.com>
Date:	Fri, 18 May 2007 10:28:59 -0400
Cc:	ebk_lists@hotmail.com, pen-test@securityfocus.com, pen-test-return-1078484159@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Dkim-signature:	a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=kZ5CFPtndX8+eQ7xbrcQjnkoQL+pMRkigKQenwoOvqQCoodhaLcfBup3q+dR0AhLNivL7x9/44Fx3BtH70q2lBXR7EIKHCWG9XynKp4AL73584lz146IcVCeThfhrtTAKvgahmLOVgxun1XXeCmooKnT/TPevs3es+tvycxfRU8=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=eO1meIZUK0brX8wPfEoyNgG78Jr8FvRzBfUwgttJIVmM2If8Vtp+ZZmiessczr00I475LhwCLCeJqZKVhvOPFOc544w21dUBlDKoOESrMycwKujBsjB///yGQ6RZBgyWt6BrCatimko/Ri2wfcyp1rtDJMdC0arxr4Apz0RYOfo=
In-reply-to:	<Pine.LNX.4.64.0705171407200.1969@blackbox.fnordora.org>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<20070517205431.12271.qmail@securityfocus.com> <Pine.LNX.4.64.0705171407200.1969@blackbox.fnordora.org>
Resent-date:	Fri, 18 May 2007 12:24:09 -0600 (MDT)
Resent-from:	pen-test-return-1078484165@securityfocus.com
Resent-message-id:	<20070518182409.D2936143A9D@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

ROFL, that is exactly what I was thinking.

This is a sticky situation really.

Jason,

I have not always agreed with the idea that this is intercepting communications.

If you were to do an arp poisoning or someother MITM ;) attack, then
yes i agree that that is intercepting.

But if you are in promiscuous mode wirelessly, that is kind of like
over hearing a conversation happening in an elevator.

I know that may not stand up in court, but I have always thought that.

Now with that being said, to run some HIDS on you wireless connection
is almost the same right?

So, to protect my self I run in promiscuous mode and I have to evalute
the traffic that is broadcasting and being received by my NIC. I
didn't ask for the traffic to touch my NIC, but it does. So, now a
flase positive is triggered and packets are logged. Not that false
positives ever happen ;-). So am I now in trouble because I picked up
some SMB traffic and it was inaccurately logged and maybe I logged a
sensitive file being transfered?

Maybe I am just a wacko..lol

But this is a fun topic.

-kill

On 5/17/07, alan <alan@clueserver.org> wrote:

On Thu, 17 May 2007, ebk_lists@hotmail.com wrote:

> I agree wholeheartedly with this view.
>
> Not much else to say!
>
> If you really feel it is necessary, than trying to advise the person/company 
of the issue anonymously is an option. Depending on the nature and severity of the 
issue.

Maybe the airport needs a "Wall of Sheep".

--
"ANSI C says access to the padding fields of a struct is undefined.
ANSI C also says that struct assignment is a memcpy. Therefore struct
assignment in ANSI C is a violation of ANSI C..."
                                  - Alan Cox

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------



--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Sneaking a peek on Wlan in airports, krymson Re: Re: Sneaking a peek on Wlan in airports, ebk_lists Re: Re: Sneaking a peek on Wlan in airports, alan Re: Re: Sneaking a peek on Wlan in airports, killy <= Re: Sneaking a peek on Wlan in airports, Jason Chambers Re: RE: Sneaking a peek on Wlan in airports, ebk_lists RE: RE: Sneaking a peek on Wlan in airports, mystic33 Re: Sneaking a peek on Wlan in airports, Thor (Hammer of God) RE: Sneaking a peek on Wlan in airports, Erin Carroll Re: Re: Sneaking a peek on Wlan in airports, ebk_lists Re: Sneaking a peek on Wlan in airports, Toby Barrick Re: Re: Sneaking a peek on Wlan in airports, ebk_lists Re: Sneaking a peek on Wlan in airports, Manuel Arostegui Ramirez

Previous by Date:	Re: Sneaking a peek on Wlan in airports, M . B . Jr .
Next by Date:	Format String Vulnerabilities, Mike Gibson
Previous by Thread:	Re: Re: Sneaking a peek on Wlan in airports, alan
Next by Thread:	Re: Sneaking a peek on Wlan in airports, Jason Chambers
Indexes:	[Date] [Thread] [Top] [All Lists]