Jump to content

Wireless security and MITM


Recommended Posts

Most of us have heard of "Man In The Middle" attacks, one form that MITM takes is this:

You go into a coffee shop that has a WAP and log on, pretty soon a guy comes in and sits down a few tables away from you. When he logs on (unknown to you), he activates a virtual WAP. This is possible with the Atheros wireless chipset which can be both a wireless client and virtual WAP at the same time. If he can find a way to interrupt your wireless signal then your system will automatically bind to the next strongest signal (which is probably his virtual WAP). So, just that easy, your network traffic is routed through his laptop. At this point I'll just ask you to use your imagination . . .

To avoid this situation, you have to check the configuration of your wireless card. You're looking for a setting called "ESSID", if your "ESSID=any" then you are vulnerable. Just blank the "ESSID" field and save the configuration. Now, whenever you don't have a connection you have to manually select a network from the list and type in your Root password to connect. Problem solved.

BTW, if you let someone 'gank' your system like that it is the moral equivilant of what's called the "fools mate" in chess.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...