Re: [Full-Disclosure] Cisco LEAP exploit tool...
From: Amaury Jacquot (sxpert_at_esitcom.org)
Date: 04/15/04
- Previous message: morning_wood: "RE: [Full-Disclosure] Cisco LEAP clueless exploit tool..."
- In reply to: Jeff Schreiner: "RE: [Full-Disclosure] Cisco LEAP exploit tool..."
- Next in thread: Curt Purdy: "RE: [inbox] Re: [Full-Disclosure] Cisco LEAP exploit tool..."
- Reply: Curt Purdy: "RE: [inbox] Re: [Full-Disclosure] Cisco LEAP exploit tool..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Thu, 15 Apr 2004 08:07:31 +0200
Jeff Schreiner wrote:
> 7 miles away is stretching it a bit far considering that all 802.11g
> wireless transmissions range between 2.4 - 2.4835 Ghz 802.11a/h/j range
> between 5.47 - 5.725 Ghz not only are the frequencies prone to scatter...the
> radio waves bounce off everything. All wireless routers are limited by FCC
> regulations to a maximum of 1 watt.
>
> http://www.odessaoffice.com/wireless/fcc_ism.html
>
> (1) For frequency hopping systems in the 2400-2483.5 MHz band employing at
> least 75 hopping channels, all frequency hopping systems in the 5725-5850
> MHz band, and all direct sequence systems: 1 watt. For all other frequency
> hopping systems in the 2400-2483.5 MHz band: 0.125 watts.
>
> To get a 2.4 Ghz signal to travel 7 miles you would have to install an
> amplifier to boost the output to somewhere between 5 to 10 watts a 5 Ghz
> signal would require even more at which point you're in violation of FCC
> rules and Uncle Sam might come looking for ya.
not exactly
in fact, you don't need amplifiers in most cases.
you don't even need 1 watt
in fact, the trick lies in the antenna you attach to the active end of
the communication devices.
for instance, we were able to do a 15km link at 11mbit/s with 2 15dBi
antennas from hyperlinktech.com. that's much more than 7 miles (it's
about 10 miles).
with 21dB antennas, we calculated that we'd be able to do 30km, or 20 miles.
and that's with 100mw (netgear MA311 PCI cards)
with 1 watt, you could, erh... go as far as where the roundness of the
earth prevents you from seeing the other station... (you may be able to
do some troposcatter, but you'd probably need much more power...)
> Just an FYI.
>
> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Williams Jon
> Sent: Wednesday, April 14, 2004 2:15 PM
> To: Paul Schmehl; Email List: Full Disclosure
> Subject: RE: [Full-Disclosure] Cisco LEAP exploit tool...
>
> Well, that depends. For example, if you aren't using some form of
> strong authentication (i.e. smart cards, SecureID tokens, etc.) then its
> possible for someone to steal a laptop, use something like Cain (from
> the package Cain & Able) to extract their password from the registry.
> With that and a known wireless laptop, the attacker can then access your
> whole network from the parking lot (or the neighbor's house, or 7 miles
> away, etc.)
>
> While the same password vulnerability exists for non-wireless
> environments, it does mean that the attacker would have to have physical
> access to the building to use the credentials.
>
> Jon
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: morning_wood: "RE: [Full-Disclosure] Cisco LEAP clueless exploit tool..."
- In reply to: Jeff Schreiner: "RE: [Full-Disclosure] Cisco LEAP exploit tool..."
- Next in thread: Curt Purdy: "RE: [inbox] Re: [Full-Disclosure] Cisco LEAP exploit tool..."
- Reply: Curt Purdy: "RE: [inbox] Re: [Full-Disclosure] Cisco LEAP exploit tool..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
