Re: Arp Spoofing with wireless networks

From: Gonçalo Gomes (lucipher@promisc.org)
Date: 01/17/02 

Date: Thu, 17 Jan 2002 04:39:23 -0500 (EST)
From: Gonçalo Gomes <lucipher@promisc.org>
To: Dave Falloon <Dave.Falloon@AnalogSynthesis.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 14 Jan 2002, Dave Falloon wrote:

> Hi everyone,
> Just a few questions about 802.11 :
> Am I correct in assuming that arp spoofing on a wireless network is way more of a problem than on a wired network?
> Is there some safe gaurd in place that keeps this from happening?
> Is 802.11 ethernet based, does it use the arp at all?
>
> If not then potentially I could spoof my way into a MiM attack with no one any wiser and I only have to be near the signal. I don't have to get through a firewall, I don't have to hack any boxes, all I have to do is be close enough that I can transmit to and recieve from your base station. If all of this is true then how is it that people would ever implement a network that includes even a small portion of wireless nets. I hope I am wrong about this because there have been cries for wireless from above in my organization.
> Thank you in advance.
>
> Dave Falloon

Hello Dave,

You're probably right, but as far as i remember,
rfc 826 (ARP) has no security at all. I found an extension
for the protocol, using PKI.

www.linuxsymposium.org/2000/arp.php
http://www-106.ibm.com/developerworks/wireless/library/
wi-stack?open&l=914,t=gr,p=arp

Hope it helped

- --
Gonçalo Gomes
E777 2628 1487 BAFE 81B4 5678 10EF 53D7 19E9 B666
-----BEGIN PGP SIGNATURE-----

iD8DBQE8RpvPEO9T1xnptmYRAnXsAJ9ryZsKkqk/if+cO8aCvrkffqdG0QCaAzV5
nw8K0lrSCbIpzHGPUJwRKpA=
=eYL0
-----END PGP SIGNATURE-----

Loading