No wonder wireless struggles to take off!
I was just watching this show on BBC 3 called The Real Hustle.
They had this so called 'IT Security Consultant' on it and he says:
"I would never use wireless for any transactions over the internet.
I mean come on, maybe a public open wireless internet connection, but not any. What about secure ones?
He just makes it sound so insecure to general public, what an idiot.
They had this so called 'IT Security Consultant' on it and he says:
"I would never use wireless for any transactions over the internet.
I mean come on, maybe a public open wireless internet connection, but not any. What about secure ones?
He just makes it sound so insecure to general public, what an idiot.
Comments
-
eurotrash Member Posts: 817i don't like wireless. i feel it isn't under my control as much as wires.witty comment
-
keatron Member Posts: 1,213 ■■■■■■□□□□Just keep in mind that most of the biggest and most costly hacks in history had nothing to do with wireless.
-
wildfire Member Posts: 654i don't like wireless. i feel it isn't under my control as much as wires
Trust me coming from a military background in telecoms u dont need to be at the wire to pickup whats going on, emf does that for you, or even better your monitor.
Wireless has been slow on the uptake for a number of reason, Im pro wireless myself, however if it isnt implemented properly it is a great big security hole!
Programs like ehtereal and kismet and be used to capture data very easily trust me, I thought id try to break my own wireless network, a laptop a card linux and a few free programs and Im in through wep after about 45 mins
Even with WPA PSK sniffing is possible and decypthering, the only decent way is by implementing WPA2 with a Radius server or a VPN Sec tunnel.
You average joe is gonna read what Ive just written and think HUH? what? most people at home want to plug and go.
As for business like you say there are too many scare stories out there, and without the proper skills and people to implement them they may aswell post their information on a notive board.
With up and coming technologies such as Wimix (802.16) offering much higher data rates and better inherent security I think we will see an increased uptake, especially in the mobile world we now live on.
Now Ive distracted myself from study for too long back to the books
PS whats a MOS master??Looking for CCIE lab study partnerts, in the UK or Online. -
Webmaster Admin Posts: 10,292 AdminThe sheer increase of knowledge of wireless networks and wireless network security I've seen in these forums of the past several years alone shows wireless will remain on the uprise and I'm sure it will eventually start getting a better rep in terms of security. Eventually every IT pro involved with networks will have to learn the technology.
Here's another recent topic partly on the same subject:
www.techexams.net/forums/viewtopic.php?t=13482 -
wildfire Member Posts: 654The sheer increase of knowledge of wireless networks and wireless network security I've seen in these forums of the past several years alone shows wireless will remain on the uprise and I'm sure it will eventually start getting a better rep in terms of security. Eventually every IT pro involved with networks will have to learn the technology.
Agreed, Wireless is getting bigger at an exponential rate (man I can't spell)
And hopefully new up and coming technologies will make it the de facto for home connectivity and enterprise remote connectivity.
Thanks for the link to the other topic intresting read, air on the side of caution though when "playing"
heres a story I read a few months back and saved
http://www.engadget.com/2005/07/22/u-k-man-arrested-fined-for-using-open-wifi-signal/Looking for CCIE lab study partnerts, in the UK or Online. -
mobri09 Users Awaiting Email Confirmation Posts: 723Especially with the free open source tools! Anybody can easily donwload and compromise a network or computer with them . Nothing will ever be secure, wired or wirless. If its not an attack on the outside its an attack from a corrupt employee on the inside.
-
JDMurray Admin Posts: 13,101 Adminwildfire wrote:Even with WPA PSK sniffing is possible and decypthering, the only decent way is by implementing WPA2 with a Radius server or a VPN Sec tunnel.
If you look at all the WPA cracking tools out there, you'll see that most perform a simple dictionary attack against the passphrase in the hopes that it is easily discoverable, which a very random passphrase is not. The brute force WPA crackers are thwarted by a very long passphrase and a very short key rotation interval. -
JDMurray Admin Posts: 13,101 Adminmobri09 wrote:If its not an attack on the outside its an attack from a corrupt employee on the inside.
-
keatron Member Posts: 1,213 ■■■■■■□□□□wildfire wrote:PS whats a MOS master??
Just another certification Microsoft gives you if you pass the Word Expert, Excel Expert, Access, and Powerpoint exams. I had to teach those classes to a big client last year and I figured it would only help my credibiltiy with them. Not technical at all.
Wildfire, you should read my post in the security forums "Simple Wireless security lab" I talk briefly about cracking WEP there. I plan on hitting WPA soon. After posting that, I went back and did it all again using Backtrack (it's a combination of the popular pentesting linux live bootable cd distros whax and auditor). I must say it was even faster using no more than that cd, didn't have to download anything. It took me just under 15 minutes. However, give me Nmap, a poorly protected Windows box and Metasploit and I can do much more damage in a shorter period of time. And it doesn't matter how far away it is, unlike a wireless exploit. -
wildfire Member Posts: 654Just another certification Microsoft gives you if you pass the Word Expert, Excel Expert, Access, and Powerpoint exams. I had to teach those classes to a big client last year and I figured it would only help my credibiltiy with them. Not technical at all.
Ah ok I know now, have got MOS (just the normal one) but hadnt heard of master.
I personally attempted a WPA crack myself using a dictionery attack, I used a simple dictionery attack and 8 hours later was still collating data, ah well, its doable I spose just couldnt do it and I gave up.
Heres a video I found about 6 months back which makes it look all so easy! well it isnt lol!!
http://www.crimemachine.com/Tuts/Flash/WPA.html
Its worth remebering that this type of attack is active and Will be spotted!
Whereas as tools like airopeek and Kismet are passive onlyLooking for CCIE lab study partnerts, in the UK or Online. -
RussS Member Posts: 2,068 ■■■□□□□□□□Me - I'm thinking that if there are many more waves floating around I am gonna start glowing in the darkwww.supercross.com
FIM website of the year 2007 -
strauchr Member Posts: 528 ■■■□□□□□□□Yeah but how is HTTPS sessions less secure over wireless than wired is my point? And a statement by a so called IT Securty Professional that annoys me.
-
JDMurray Admin Posts: 13,101 Adminstrauchr wrote:Yeah but how is HTTPS sessions less secure over wireless than wired is my point?
-
JDMurray Admin Posts: 13,101 Adminwildfire wrote:Heres a video I found about 6 months back which makes it look all so easy! well it isnt lol!!
http://www.crimemachine.com/Tuts/Flash/WPA.html