[Dshield] Wireless networks and corporate Lans

Johannes B. Ullrich jullrich at sans.org
Sat Feb 28 22:17:19 GMT 2004

> Windows likes to connect to everything it can unless you specifically 
> tell it not to, so yes, it will probably connect to both.

I rejected a couple of comments like this (mostly for excessive
quoting). This one I let slide to allow me to respond.

Windows or Unix are not all that different. Most of them are
these days configured to grab whatever network connection they
find, and trust whatever DHCP server they can find.

This trust into DHCP servers can be a bad thing under other
circumstances. There have been cases where a rouge DHCP server
handed out fake gateways to ISP customers to sniff the traffic.

In case of an ISP's DHCP server, there isn't much you can do.
The only thing to do is to treat any information from it with
care, and not to trust your ISPs gateway to begin with (e.g.
encrypt your data).

Anyway. This is not an OS issue. DHCP/self configuring systems
are vulnerable "by design".

CTO SANS Internet Storm Center               http://isc.sans.org
phone: (617) 837 2807                          jullrich at sans.org 

contact details: http://johannes.homepc.org/contact.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20040228/295f9971/attachment.bin

More information about the list mailing list