|
|
Of closed APs and ethics
Closed networks won't do you much against other tools. I've run some tests on our corporate network with BSD-Airtools and it found our closed network immediately, and had the correct name for it within about 30 seconds. If you're really worried about wireless security then you'll want to implement some sort of VPN on top of it. However, while WEP is insecure, it does require a certain number of packets to be captured before the key can be broken. In the case of my home network, which gets fairly heavy usage, it took about 2 weeks before I had enough packets to crunch on. The problem here of course is that the sniffing of packets is completely passive, so somebody across the street or whatever can do it without your ever knowing about it.
On ethics... A wep cracking application is a very legitimate tool. As a sysadmin responsible for security, knowing of a theoretical attack is one thing; being able to quantify the level of risk is another thing entirely, and considerably more useful. Knowing roughly how hard it will be for an attacker to gain entry to my systems is absolutely necessary to put the proper amount of defensive measures in place. Good security is risk management, nothing more. The only truly secure machine is one with no network, no power cable, turned off, locked in a bank vault style room. Making the machine usable requires some risk. My current setup will keep out the script kiddies and the medium level blackhats, but the real experts and the NSA can most likely get in. It's all about balance. For our company, the cost effectiveness of NSA resistant measures is prohibitive and our staff has determined that not taking such measures is a reasonable risk given the likelihood (or lack thereof) of our being subject to such an attack. But this analysis relies entirely on the existence of tools like BSD-Airtools. A hammer can be used for constructing a frame house or for murder; it is the responsibility of the individual to use it properly. Denying the carpenter use of the hammer because somebody *might* use it for murder is a dangerous precedent-the logical conclusion of such activity is to put everybody in a 3x3 padded cell for their own protection.
BSD-Airtools on OS X?
> \0\0I've run some tests on our corporate network with BSD-Airtools and it found our closed > network immediately
BSD-Airtools on OS X?
They're working on an OS X port but as of yet it's still alpha level kernel panic stuff and only the developers are using it. I've got it running on a Dell laptop with OpenBSD 3.0, which I use for auditing the corporate space for unauthorized aps and such... |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.34 seconds |
|