Discussion:
Dean's Wireless Walkabout
(too old to reply)
Dean Pemberton
2001-08-01 09:22:17 UTC
Permalink
Hi all;

Yes this might be a first, I'm going to drag the topic BACK to something network related.

I happen to be in Auckland today. Flew in for customer chit chat which will happen tommorow.
Had a spare afternoon and no one to see so I thought I might do the geek thing and see how little old Auckland was getting along with it's wireless networking.

SO, I slapped the 802.1Q card into the laptop and strapped the GPS onto the outside of my backpack and went for a walk.

I walked down Queen Street from the top to the water, and then back up to Albert St to Wellesley then back up Symonds to my hotel.

Well. Auckland sure is brimming with wireless. But the concern (and I spose the reason that I posted this at all) was that most of it is insecure.

Now I'm a good guy. I don't want to get access to anything, god knows I see enough internet as it is. I just wanted to see how many places had embraced the 802.1Q fad.

So all in all 29 networks jumped out and grabbed me as I was walking past. only 4 of them were using WEP.
Now because I didn't actually try to gain access to any of them, I have no idea what the internal security of them is like. But I'm not expecting much.

I don't think I sniffed anything off the sky tower, I was only using the small antenna on the card.

So if you run a wireless network in the center of Auckland and you were using the strategy of "Oh it will never make it down to the street" Then you are wrong and you might like to put some more security on.

I thought about mailing my networklist out as well. But I decided against it. Mainly because it has exact GPS locations and network names. It would make easy pickings for anyone who wanted to gain access.
If you want to mail me privatly with your network name and/or card MAC address then I will give you a yes or no answer.

Dont feel alone though. I've done the same in North Sydney and come up with similar numbers.

Next week wellington.

Have fun

Dean
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Dean Pemberton
2001-08-01 10:37:56 UTC
Permalink
Oh and those of you who ARE using WEP. the world is not a happy place either
Have a look at this post by Adi Shamir to the Risks list

http://catless.ncl.ac.uk/Risks/21.55.html#subj5

You all know who Adi Shamir is don't ya? (the S in RSA for those who don't)

Dean

On Wed, Aug 01, 2001 at 09:22:17PM +1200, Dean Pemberton wrote:
[some stuff]
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
cfb
2001-08-01 11:23:38 UTC
Permalink
Post by Dean Pemberton
[...]
You all know who Adi Shamir is don't ya? (the S in RSA for those who don't)
yeah, he's the guy who built that opto-mechanical factoring device:

http://www.interesting-people.org/199905/0019.html


...with regard to securing wireless LANs... I think the best
description of the consequences of the IEEE's WEP would be:
"expecting the average consumer to configure wireless security is
living in a state of sin in a red-light district (not only
acceptable, but expected).

Of course by simple membership to this list, you exclude yourself
from set "average consumer". The counter point is that any business
hiring the "average consumer" to configure their IT resources
won't be in business very long.

Expecting any encryption algorithm to stay secure over time is
pretty much wishfull thinking... most wireless access points are
hardware devices that will be lucky to see one upgrade over their
entire lifetime. In which case, wireless LANs are best left
unsecured, instead relying on strong, adaptable client-end security...
that, and treat the wireless segment as an untrusted DMZ through
which only properly authenticated and covered access (independant
of the wireless device) is allowed.

Anyone up for a research project on geographically localized
DDoS attack client that uses bandwidth available via unsecured
wireless LANs?

Anyone up for a reserach project that does triangulation (assume
sectored antennas, but you could also use tcp/ip finger printing),
across multiple independant access points, on unauthorized network
joiners?

I believe it *is* the same god that created both cat and mouse.
(appologies to william blake)
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Chris Wedgwood
2001-08-02 06:14:50 UTC
Permalink
On Wed, Aug 01, 2001 at 09:23:38PM +1000, cfb wrote:

Anyone up for a reserach project that does triangulation (assume
sectored antennas, but you could also use tcp/ip finger printing),
across multiple independant access points, on unauthorized network
joiners?

As usual, I'm going to be as the Usenix security symposium
(http://www.usenix.org/events/sec01/) this year, if anyone is going to
be there and wants to have a chat or hang out for a bit then let me
know.

There will be more than a few people there with freaky knowledge of
WEP some of which will be toting iPaq based toys with wireless cards
:)

Since the conference has a largely technical audience, it's not hard
to hang out with various interesting people and discuss interesting
stuff (like the average height of Europeans) over sushi or whatever.


--cw
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Simon Blake
2001-08-01 10:50:24 UTC
Permalink
Evening all
Post by Dean Pemberton
So all in all 29 networks jumped out and grabbed me as I was walking
past. only 4 of them were using WEP.
I'll point yawl to todays post in the risks digest:

http://catless.ncl.ac.uk/Risks/21.55.html#subj5

Adi Shamir chatting on about how WEP is totally insecure. Get thee to
thy IPSEC - at least, that's what I'm working on this week :-).
Post by Dean Pemberton
Dont feel alone though. I've done the same in North Sydney and come
up with similar numbers.
Next week wellington.
Warming to a theme, RJN was out playing with the 'stumbler a few days
ago, and picked up an aerial that we're using across town (in Newtown)
and which should be good for maybe 500-1000m from a hill in Newlands. By
my reckoning, that's probably 12-15Km away. He also picked up networks
in use at the airport, even further afield. So secure your wireless
nets, people, because everybody can listen in...

Cheers
Si
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Dean Pemberton
2001-08-01 10:50:24 UTC
Permalink
HAHAHAHA ROFLMAO

Choccie Fish for Joe here.

Yes of course I mean 802.11

hahaha - I'm still laughing at that cock up.

So how many people were worried that I could see their Vlans from the street?

Dean
Hi, umm feel free to shoot me down but don't you mean 802.11(b)?
---
Joe Lewis
Post by Dean Pemberton
Hi all;
Yes this might be a first, I'm going to drag the topic BACK to something network related.
I happen to be in Auckland today. Flew in for customer chit chat which will happen tommorow.
Had a spare afternoon and no one to see so I thought I might do the geek thing and see how little old Auckland was getting along with it's wireless networking.
SO, I slapped the 802.1Q card into the laptop and strapped the GPS onto the outside of my backpack and went for a walk.
I walked down Queen Street from the top to the water, and then back up to Albert St to Wellesley then back up Symonds to my hotel.
Well. Auckland sure is brimming with wireless. But the concern (and I spose the reason that I posted this at all) was that most of it is insecure.
Now I'm a good guy. I don't want to get access to anything, god knows I see enough internet as it is. I just wanted to see how many places had embraced the 802.1Q fad.
So all in all 29 networks jumped out and grabbed me as I was walking past. only 4 of them were using WEP.
Now because I didn't actually try to gain access to any of them, I have no idea what the internal security of them is like. But I'm not expecting much.
I don't think I sniffed anything off the sky tower, I was only using the small antenna on the card.
So if you run a wireless network in the center of Auckland and you were using the strategy of "Oh it will never make it down to the street" Then you are wrong and you might like to put some more security on.
I thought about mailing my networklist out as well. But I decided against it. Mainly because it has exact GPS locations and network names. It would make easy pickings for anyone who wanted to gain access.
If you want to mail me privatly with your network name and/or card MAC address then I will give you a yes or no answer.
Dont feel alone though. I've done the same in North Sydney and come up with similar numbers.
Next week wellington.
Have fun
Dean
---------
unsubscribe nznog
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Juha Saarinen
2001-08-01 21:15:41 UTC
Permalink
:: So how many people were worried that I could see their Vlans
:: from the street?

Dean's such a nice guy so...

Still, WEP stands for "wire equivalency protocol", doesn't it? Ergo,
perhaps it's silly to expect it to be any more secure than Cat5?

Is IPsec really the best solution here, considering it has problems in
NAT'ed environments?

-- Juha

---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Jeff Williams
2001-08-02 07:35:22 UTC
Permalink
Juha and all,
Post by Juha Saarinen
:: So how many people were worried that I could see their Vlans
:: from the street?
Dean's such a nice guy so...
Still, WEP stands for "wire equivalency protocol", doesn't it? Ergo,
perhaps it's silly to expect it to be any more secure than Cat5?
Is IPsec really the best solution here, considering it has problems in
NAT'ed environments?
I would recommend against IPsec at this time. I have done 4
implementations.
It is quite expensive and time consuming not to mention a administration
nightmare if you are not very careful...
Post by Juha Saarinen
-- Juha
---------
unsubscribe nznog
Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 118k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail ***@ix.netcom.com
Contact Number: 972-447-1800 x1894 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Craig Whitmore
2001-08-02 06:22:14 UTC
Permalink
Post by Jeff Williams
I would recommend against IPsec at this time. I have done 4
implementations.
It is quite expensive and time consuming not to mention a administration
nightmare if you are not very careful...
If you want better security then nothing is expensive. But saying that,
there are quite a number of Free IPSEC software programs such as
FreeSwan which work very well and not that hard to implement.

Thanks
Craig Whitmore
Orcon Internet
http://www.orcon.net.nz
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Jeff Williams
2001-08-02 08:40:11 UTC
Permalink
Craig and all,
Post by Craig Whitmore
Post by Jeff Williams
I would recommend against IPsec at this time. I have done 4
implementations.
It is quite expensive and time consuming not to mention a administration
nightmare if you are not very careful...
If you want better security then nothing is expensive.
How true. But there are limits. As you may know, in the US
and the UK many IT companies as well as ISP's and Telecoms
are laying off the security guys at the moment to trim their
budgets. I personally believe this practice to trim budgets
is a huge mistake form a management point of view. But that
seems to be a trend presently, none the less. In fact CNN did
a report on this just a couple of days ago.
Post by Craig Whitmore
But saying that,
there are quite a number of Free IPSEC software programs such as
FreeSwan which work very well and not that hard to implement.
Yeah Freeswan works ok, but I wouldn't say well. It is too easy to hack.

We use elliptical curve Encapsulation Encryption as many western Govmts.
require that level of encryption on IP's. As I was one of the original
developers (Several years ago now) on ECEE it is a snap for me or my
guys to implement it. But we just don't have enough trained staff to
do the demand presently.
Post by Craig Whitmore
Thanks
Craig Whitmore
Orcon Internet
http://www.orcon.net.nz
Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 118k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail ***@ix.netcom.com
Contact Number: 972-447-1800 x1894 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Craig Whitmore
2001-08-02 07:20:13 UTC
Permalink
Post by Jeff Williams
We use elliptical curve Encapsulation Encryption as many western Govmts.
require that level of encryption on IP's. As I was one of the original
developers (Several years ago now) on ECEE it is a snap for me or my
guys to implement it. But we just don't have enough trained staff to
do the demand presently.
Where can I find information on this? what makes it better than Industry
standard IPSEC?
An RFC? Who exactly is using it?
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Jeff Williams
2001-08-02 10:33:41 UTC
Permalink
Craig and all,
Post by Craig Whitmore
Post by Jeff Williams
We use elliptical curve Encapsulation Encryption as many western Govmts.
require that level of encryption on IP's. As I was one of the original
developers (Several years ago now) on ECEE it is a snap for me or my
guys to implement it. But we just don't have enough trained staff to
do the demand presently.
Where can I find information on this?
Check the IETF archives.
Post by Craig Whitmore
what makes it better than Industry
standard IPSEC?
Well EC can be used with IPsec as it is an algorithm if you choose
to do that.
Post by Craig Whitmore
An RFC? Who exactly is using it?
I don't have the RFC book marked evidently on this system. But I have
it somewhere on my main system. I see if I can find it and post the URL's to
you when I return to the US.
A number of large banks, the SEC, the NASD, the US Federal reserve
bank, and I believe the US Treasury Dept. NSA uses Elliptical Curve
as well for certs for E-Mail and special file transfers. Also a number of
Investment houses use it as well that I know of. The list is rather long.

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 118k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail ***@ix.netcom.com
Contact Number: 972-447-1800 x1894 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Chris Wedgwood
2001-08-02 07:27:14 UTC
Permalink
On Thu, Aug 02, 2001 at 01:40:11AM -0700, Jeff Williams wrote:

We use elliptical curve Encapsulation Encryption as many western
Govmts. require that level of encryption on IP's. As I was one
of the original developers (Several years ago now) on ECEE it is a
snap for me or my guys to implement it. But we just don't have
enough trained staff to do the demand presently.

I'm probably going to regret asking...

Eh? Please explain this... what you've said was completely
meaningless. It could be your using IPsec with ISAKMP for the EC
stuff, ot it could be something completely different.

And which governments require this? Where does it state that?



--cw
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Matthew G Brown
2001-08-02 22:14:47 UTC
Permalink
Word has it .. and im about to go and find out for sure that 802.11a will no
longer have WEP as we know it. Even Lucent & Ciscos newer implementation of
exchanged keys for WEP are still basicly useless with MAC address Spoofing .

There are some scary stories to be told in the US of Wireless Network
sniffing.

Regards
--
| Matthew G Brown
| Tasman Solutions LTD
| Wireless Network Specialist
| http://www.tasman.net

?
Post by Jeff Williams
Post by Juha Saarinen
Is IPsec really the best solution here, considering it has problems in
NAT'ed environments?
I would recommend against IPsec at this time. I have done 4
implementations.
It is quite expensive and time consuming not to mention a administration
nightmare if you are not very careful...
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Matthew G Brown
2001-08-02 22:14:47 UTC
Permalink
Word has it .. and im about to go and find out for sure that 802.11a will no
longer have WEP as we know it. Even Lucent & Ciscos newer implementation of
exchanged keys for WEP are still basicly useless with MAC address Spoofing .

There are some scary stories to be told in the US of Wireless Network
sniffing.

Regards
--
| Matthew G Brown
| Tasman Solutions LTD
| Wireless Network Specialist
| http://www.tasman.net

?
Post by Jeff Williams
Post by Juha Saarinen
Is IPsec really the best solution here, considering it has problems in
NAT'ed environments?
I would recommend against IPsec at this time. I have done 4
implementations.
It is quite expensive and time consuming not to mention a administration
nightmare if you are not very careful...
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog


---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Chris Wedgwood
2001-08-02 06:03:54 UTC
Permalink
On Thu, Aug 02, 2001 at 09:15:41AM +1200, Juha Saarinen wrote:

Is IPsec really the best solution here, considering it has
problems in NAT'ed environments?

IPsec is terrible solution, but for lack of many 'open' choices it may
be the best one. There are various hacks to allow IPsec to work to a
certain extent even when NAT is involved.



--cw
---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Juha Saarinen
2001-08-02 06:25:23 UTC
Permalink
Post by Chris Wedgwood
IPsec is terrible solution, but for lack of many 'open' choices it may
be the best one. There are various hacks to allow IPsec to work to a
certain extent even when NAT is involved.
I had some ORINOCO-related PDFs sent to me, which mention a few other
solutions. Anyone interested, mail me offlist.
--
Regards,


Juha

---------
To unsubscribe from nznog, send email to ***@list.waikato.ac.nz
where the body of your message reads:
unsubscribe nznog
Loading...