RE: [Full-disclosure] Wi-fi. Approaching customers

From: Mark Senior (Mark.Senior_at_gov.ab.ca)
Date: 03/16/05

Next message: Ryan Sumida: "Re: [Full-disclosure] Wi-fi. Approaching customers"

Previous message: Sune Kloppenborg Jeppesen: "[Full-disclosure] [gentoo-announce] [ GLSA 200503-19 ] MySQL: Multiple vulnerabilities"
Maybe in reply to: Gregh: "[Full-disclosure] Wi-fi. Approaching customers"
Next in thread: Michael Holstein: "Re: [Full-disclosure] Wi-fi. Approaching customers"
Reply: Michael Holstein: "Re: [Full-disclosure] Wi-fi. Approaching customers"
Reply: Ryan Sumida: "RE: [Full-disclosure] Wi-fi. Approaching customers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 16 Mar 2005 09:25:53 -0700
To: "Ron DuFresne" <dufresne@winternet.com>

Just making a wild guess here, but - if I were going to implement
something like this, I'd think to use a rough sort of triangulation.
Put access points outside the building, but don't use them to grant
network access, only to compare the signal strength of transmissions you
pick up on the inside access points.

That might then open you up to someone with a carefully aimed
directional antenna shooting their signal straight at one of your
"inside" sensors, and letting the "outside" ones only see a very weak
signal. Still, just sitting in a park with a laptop should be
detectable.

I guess you could only meaningfully compare signal strengths as seen at
different points, as at light speed the delays wouldn't be measurable
with any sort of accuracy. (If you could measure the delays you'd be in
great shape - that was used in WWI to pick out the location of gun
batteries, just using two mics and very accurate timers.)

Purest speculation though - I've no idea how they do this.

Mark

-----------
on March 15, 2005 22:04 Ron DuFresne wrote:

On Wed, 16 Mar 2005, Gregh wrote:

[HEADERS SNIPPED]

>
>
> >
> >>From what little I read on their site, it seems to be a radius auth
> >>mech
> > based upon MAC addresses.
> >
>
> Isn't that basically what a lot of wi-fi broadband router/modems do
anyway?
>
> Eg, set up a netgear DG834 (think it was) and it was having problems
with auto assigned IPs for lan members so shortcut the problem by
telling it to manually assign IP number to MAC so that each time a MAC
came in range it got the same IP number always. I set the IP numbers
manually at each client computer and thus they would only connect using
that number. Connection problems died off instantly, then. The upshot is
that if the MAC is unknown, it cant get access now even if the WEP is
successfully decrypted. Wouldn't that radius auth be basically that
idea?
>

That's what I read, as well as a lot of talk about "location-enabled
network or LENs", which the more reading I do give the impression they
have some kind of GPS functionality invovled, this is the only way I can
make any real sense of their claims to be able to segment the wLAN<s>
into locations and determine a sense of perimiter limits and location
sense.
Of course, I'm trying to give the benefit of the doubt and read that
they actually sell what they are claiming in marketing lit.

Thanks,

Ron DuFresne

--
"Sometimes you get the blues because your baby leaves you. Sometimes you
get'em 'cause she comes back." --B.B. King
        ***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D.  Just don't touch anything.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

Next message: Ryan Sumida: "Re: [Full-disclosure] Wi-fi. Approaching customers"

Previous message: Sune Kloppenborg Jeppesen: "[Full-disclosure] [gentoo-announce] [ GLSA 200503-19 ] MySQL: Multiple vulnerabilities"
Maybe in reply to: Gregh: "[Full-disclosure] Wi-fi. Approaching customers"
Next in thread: Michael Holstein: "Re: [Full-disclosure] Wi-fi. Approaching customers"
Reply: Michael Holstein: "Re: [Full-disclosure] Wi-fi. Approaching customers"
Reply: Ryan Sumida: "RE: [Full-disclosure] Wi-fi. Approaching customers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: [Full-disclosure] Wi-fi. Approaching customers
... only to compare the signal strength of transmissions you ... > telling it to manually assign IP number to MAC so that each time a MAC ... This message contains confidential information and is ... > addressee you should not disseminate, ...
(Full-Disclosure)
RE: [Full-disclosure] Wi-fi. Approaching customers
... Using Kismet drone to detect new SSID or MAC other than your own. ... only to compare the signal strength of ... Wouldn't that radius auth ... > location sense. ...
(Full-Disclosure)
RE: About War Driving ..
... until you can see the MAC address he's using, ... You'll get a bar graph of signal strength which updates about ... and see what that does to the signal strength. ... Detect Malicious Web Content and Exploits in Real-Time. ...
(Security-Basics)
Guidance in writing WLAN software for Linux
... I am planning to write a WLAN software for Pocket PC and Linux. ... I can program in C and have fairly good knowledge of 802.11 MAC and ... signal strength etc. ...
(alt.internet.wireless)