[Dshield] Wireless MAC Authentication options.
josh at raintreeinc.com
Mon Jun 20 18:16:59 GMT 2005
Willy, Andrew wrote:
> My question seems really silly after reading your reply. I should have
> given it more thought before sending it -- thanks for straightening
> One other thing I'm not clear on is how someone listens in on wireless
> communication. This is something that others believe is relatively
> however for a ignoramus like me, it certainly isn't as easy to
> a wired network and listening to broadcasts. Is their some gizmo that
> allows you to 'plug in' to wireless?
One of the things I really like about DShield is that when I ask a
question, even if it turns out to be really silly after I read it
through a couple times, I don't get torn to shreds for asking. Other
lists aren't quite so nice. That said, I don't particularly think your
question was all that silly. Networks are complex, and although some
things make sense after someone or something points out the similarities
between something you're unclear on and something you understand well,
before that's pointed out it's easy to be completely flummoxed.
As to listening in, since wireless ethernet traffic is simply a radio
wave, any radio tuned in to the right frequency can technically see the
data. Making sense of it, of course, requires something more. Just like
a wired ethernet card can be set to "promiscuous" mode, so can a
wireless card. All wireless cards in a broadcast area receive all
traffic sent in that area, but most of the time they read te MAC address
of the frame and drop it if it's not for them. In promiscuous mode,
they instead pass the frame to the CPU just like they would if the
traffic were meant for them. Then tools like Kismet can read the frame,
pull out the MAC addresses in the frame, and show them to you. Then
it's simply a matter of configuring your hardware to use a valid MAC
(and making sure the MAC you chose isn't that of the device you're
trying to talk with).
Raintree Systems, Inc.
Office Phone: (801) 293-3090
Corporate Office: (760) 509-9000
More information about the list