EMPEROR good night
EMPEROR the next conference is a talk by Jose Maria Gomez Mundo
sarnold (Jose Maria Gomez Vergara)
EMPEROR president of the Malagawireless association
EMPEROR in collaboration with Unient for a long time
EMPEROR "Common security problems in wireless networks and how to solve them"
EMPEROR well
EMPEROR First, I apologize for the delay, but when R. Madrid plays in Madrid it is impossible to get around by car. I thank you for your attendance at this chat. As you can see, the title of the chat is given in English in the program
EMPEROR because at first I thought of giving it in English, but when I thought a little about what I wanted to say, I figured that giving it in English would keep me from conveying the concepts clearly, which is why in the end I decided to give it in Spanish
EMPEROR Good.. without further ado we begin the chat. At any moment you can interrupt me to ask any question or to ask for clarification about what I say, here in the channel #qc (in English or Spanish). This chat does not intend to give magic solutions that let us get rid of the security problems inherent in wireless networks
EMPEROR Nor is it even going to offer very technical solutions
EMPEROR well, I will try to present the main security problems that a person facing this type of network for the first time is going to find.
EMPEROR So what I will do is introduce some concepts specific to this type of network, and what they can do for us
EMPEROR This chat is based on my own experience from experiments carried out in the R&D department of the company where I work
EMPEROR As well as my own experiences in a research group for this technology called malagawireless (http://www.malagawireless.org), which I have the honor to preside over :-).
EMPEROR Lately wireless networks are becoming very popular, due above all to the drop in hardware prices,
EMPEROR and there has been a great movement in metropolitan areas with the intention of covering a city with this type of network,
EMPEROR with the perhaps slightly utopian idea of being able to interconnect an entire city.
EMPEROR If you are interested in any of these projects, you can visit the website of one of the most active groups, such as www.madridwireless.net or www.zaragozawireless.net.
EMPEROR The fact that this technology is becoming somewhat popular
EMPEROR is reason enough to think that more and more people are familiar with this technology, and therefore we face more potential dangers.
EMPEROR But what differentiates these networks from normal or wired networks?
EMPEROR In reality there are not too many differences in how they operate, above all from the link layer up
EMPEROR There is one special characteristic that makes them different, and it is the medium they use to transmit information.
EMPEROR The fact that the information is transmitted through the air can allow a malicious user to listen to the information just by getting close enough to the transmitting node.
EMPEROR What dangers does this have? Imagine an intranet built with cable and with no connection out to the internet.
EMPEROR This network puts us in a certain predicament if what we want is to access it from outside. Our switch is in our cabinet, and we have the cables in sight.. ;-)
EMPEROR We know who is connected and who is not. If someone comes with his cable and connects to the switch, he would be quickly detected.
EMPEROR Now imagine that one fine day that person decides to take the switch, remove it from the cabinet and put it at the street door.
EMPEROR Where anyone can connect without problems. Well, that is what an administrator does unwittingly when he sets up a wireless network; it is even more serious still, because what he would be putting at the door would be a hub instead of a switch.
EMPEROR therefore you can be sniffed with ease without even using man-in-the-middle techniques; it is a _hub_, not a switch
EMPEROR When in 1999 the IEEE began to define the 802.11 standard for metropolitan wireless networks, it became aware of this problem and thought about how to do something about it in order to solve this weakness from the security point of view.
EMPEROR There had to be a method that would allow those persons who were accredited, or authorized, to connect to the network.
EMPEROR Or, put another way, there would have to be a way to control who can hook a cable to our "hub".
EMPEROR For this they created (privacy equivalent to wired), or as it is said in English
EMPEROR Wired Equivalent Privacy
EMPEROR (WEP).
EMPEROR Good. ... before beginning to detail what WEP consists of, does anyone have any questions? no questions?
EMPEROR well let's go
EMPEROR what is the WEP?
EMPEROR WEP is a protocol implemented at the link level that will prevent persons who are not authorized from connecting to the network.
EMPEROR The problem we have with WEP is the common problem of technologies that are still maturing: security problems.
EMPEROR When we use WEP, the information travels encrypted and it is necessary to know the key to be able to access the network. The idea of implementing WEP would be very good if it were not for its weaknesses. When the IEEE defined WEP it had in mind the following rules or properties:
EMPEROR a) That it be reasonably strong. The strength of this algorithm is based on the difficulty of guessing the secret key by brute force.
EMPEROR b) That it be efficient: and it really is; besides, it can be implemented at the software level as well as at the hardware level.
EMPEROR c) That it be exportable: we have to keep in mind that this algorithm had to conform to the limitations imposed by the United States Department of Commerce. This is very important, because later we will see the consequence this has.
EMPEROR d) That it be optional: that is to say, a wireless network could function correctly without having WEP active
EMPEROR However, wanting to comply with rule c) created a strong conflict with rule a)
EMPEROR In fact, in the Netscape SSL Challenge (www.cipherspace.org/ßadam/ssl) we can read that implementations with a key as short as the one defined by the American laws allowed that key to be guessed by brute force.
EMPEROR WEP is based on RC4, but it is not applied correctly in this protocol, and that makes WEP weak. I point out that although 128-bit implementations exist for encryption using WEP, that is not what the standard dictates, which is 104 bits. We might think that a 104-bit key is hard for a normal user to obtain by brute force, but.
EMPEROR Not for a company with sufficient resources. In fact, it is only a matter of time before normal users have the infrastructure of a large company.
EMPEROR nevertheless, being realistic, a great many normal people have computers at home that are capable of doing these calculations without too much strain
Arador However, Jesse R. Walker, in his document "unsafe at any key size: an analysis of WEP encapsulation" (http://grouper.ieee.org/groups/802/11/Documents/DocumentHolder/0-362.zip), explains some problems detected in the WEP design
Arador Rule d) is another source of problems. We know how users like their comfort, and if something is optional, it probably isn't activated
Arador In fact, the cards and the software they come with for configuration have this option disabled by default
Arador On some of my outings in Madrid searching for wireless nets i could check that only 10% of them had WEP enabled
Arador Some of them gave you an ip using DHCP }:-)
Arador We could talk more about WEP, but summing up, you must know that it's a security level that should be obligatory
Arador But that isn't going to solve all the security problems because it is a weak algorithm and easily exploitable
Arador In fact it's easy to deduce the WEP key used by capturing 1mb of traffic, and with some systems even less
Arador At the moment i'm developing software that i'll release under the GPL that shows the weakness of this protocol and deduces the WEP password used to encrypt a given string
Arador software like this exists today; what makes it perhaps a bit different is the fact that it is being prepared to be used distributed
Arador If someone wants to know more about these vulnerabilities i'd recommend these links
Arador  www.dmzs.com/~dmz/WeakKeys.txt
Arador  www.cs.berkeley.edu/~daz/my-posts/my-rc4-weak-keys
EMPEROR We move on to describe a typical attack scenario against a wireless network:
Arador The first step is a victim. For this we'll use software called Netstumbler (www.netstumbler.org).
Arador This software uses the broadcast traffic that the access point transmits to detect the existence of a wireless net
Arador As it detects them it adds them to a list
Arador If we're lucky enough to have a good laptop with a gps, we can take a tour around the city and when we return we can have a good map of the wireless nets in your city
Arador Note that netstumbler detects traffic and doesn't consider whether the traffic is encrypted or not, so it also detects nets that have GPG protection enabled
Arador This practice is similar to war dialers, where a computer with software dialed telephone numbers to see which of them had a modem, to add it to a list
Arador Now you have to choose an attractive net
Arador among all of them, we pick the one we like
Arador We get the car, and with the laptop and wireless in hand we go there to see if we sniff traffic
Arador For that we can use any sniffer
Arador A sniffer created for that is airsnort
Arador But you can use another such as ethereal
Arador note that above the link level
Arador wireless nets are the same as traditional or cable nets
Arador So the same tools and tricks that we're used to using can be valid
Arador Promiscuous mode in ethernet cards is monitor mode in wireless cards
Arador and sometimes you need to patch ethereal so you can use it
Arador more info in the web
Arador if the information that we get is encrypted
Arador we've found one of the few nets with WEP
Arador however it's a good idea to capture some information, for example 1 mb, to try to deduce the WEP key used and return later
Arador an interesting practice is to get more decryptable information
Arador it consists of introducing known info into the net to know what's being encrypted
Arador for example sending a mail to some people we know they're in the net
Arador If they don't have WEP active, which is the most normal, we can see the ips in the captured information; with luck we can even get an ip through dhcp
Arador other tools that you mustn't forget are ngrep or tcpdump
Arador But as i said you can use the same tools that you'd use with other nets
Arador another tool, less known but very useful, is tcpflow
Arador it gets sessions into files, with a syntax similar to tcpdump
Arador so it's a very recommendable tool
Arador As we saw, it's not enough to have WEP enabled, but we saw that it should be obligatory. Imagine that a net doesn't have WEP, or that it does but we know the key
Arador Now we could link with the net, we have access....but the administrator can have some other protection
Arador But these protections are the same as we find in other nets
Arador - IP access control
Arador It consists of giving access only to some ips, for example 192.168.0.0/24, or he can even be strict and only allow 192.168.0.0/30
Arador In this case we'll have to use ip spoofing. If we've sniffed enough traffic we'll see in the communication the ips that they use
Arador so we can have valid ips
Arador If we have enough patience we can wait for one of them to leave so we enter with his ip.
Arador It looks easy, and not only does it seem easy, it is easy
Arador - MAC access control
Arador This kind of protection consists of controlling access by MAC address. Theoretically every card has a unique MAC address
Arador so it's reasonable to use this protection
Arador but we can change the MAC with software
Arador And in the same way that we've explained, but with macs, we could enter the net. That's mac spoofing
Arador As we can see, there's always a way to enter a net. This is applicable to all kinds of nets
Arador What i've explained is only a few; of course there are some advanced techniques
Arador It's what makes the security world so nice :)
Arador sorry about the translation, blame isp modem providers :-/
Arador i continue
MJesus A certain great power is a failure generalized between some administrators and to trust its knowledge. They do not realize that the one with the most experience of all knows only 1% of the total
MJesus and that their network can fall victim to a person who knows 2%
Arador so, what can we do to keep people from entering our net and stealing our information? What can we do to make our mails safe? what can we do to keep somebody from stealing our ftp/telnet passwords?
Arador the one solution is _ENCRYPTION_ and access control to the net with ipsec!
Arador in an unconnected net, any host that's connected to it can have unauthorized access
Arador so my personal opinion is, of course, to have a very restrictive firewall, and to have several levels of security
Arador allowing only encrypted connections with ssh and if possible with certificates
Arador and control the access with ipsec
Arador encrypting all the information that goes out of our computer, with ssl, or gpg for emails and files. And always store the important data encrypted
Arador Wireless nets show new walls that we have to explore because it's a new technology
Arador and so they're nets that need some admins with ability and creativity to have a secure net
Arador Try to explore what wireless nets allow you because they have a lot of advantages. Perhaps next year all of us will have a wireless net at home
Arador If you agree, we open for questions and comments, if somebody wants to ask.
Arador Thanks for coming here, i'm at your disposal at jose.maria@icodsi.biz
Arador if you think of something tomorrow ;)
Arador <casanegra> jmvg: is it possible that the problem with security in wireless nets is that they're by nature?
Arador of course; in fact, note that i gave more importance to the WEP section
Arador that's the protection that you get at the link level, because that's the only difference
Arador the problem is that wireless nets inherit all the problems of wired nets, adding, even, the precautions we should take due to the environment itself, which allows easily listening in on that kind of net
Arador however, with enough ability they aren't especially insecure, so you mustn't hide from them...
Arador in fact, i'd only try wired connections when the throughput of the wireless wasn't enough
Arador keep in mind that at the moment the maximum speed is 11 mb and the channel is shared
Arador however, there are a lot of applications, and modifications are being worked on to allow more bandwidth
Arador any question?
Arador jmvg: in the near future it's possible that a lot of people will have wireless, but what's the difference of the radio spectrum to support a huge amount of nets, mainly in very founded cities, is this a problem?
Arador certainly, that's another problem
Arador at the moment a wireless card around 2 GHz can work on 7 different channels
Arador but to avoid interference between the nets you need a minimum of 3 channels of separation
Arador so as not to share the medium
Arador net 1 channel 1 -> net2 channel 4 -> net 3 channel 7  -> net 4 channel 2 -> net 5 channel 5
Arador in this way net 1 is far enough from net 4 to use a channel that's separated only by 1
Arador anyway...we're advancing in this field by synchronizing the data emission
Arador but that's a limitation of wireless nets; however, keep in mind that the net has an identifier, so in the case of 2 nets of different people that share a common medium
Arador or even the same ips, there wouldn't be problems in the communication. ESSID is the net identification
Arador if there are no more questions, the lecture has finished, i'm available at jose.maria@icodsi.biz
sarnold arador :) thanks!
Arador sarnold: sorry for the BIG delay :-/
Arador my mother tried to use the phone...that hangs the ppp link
sarnold Arador: ugh
EMPEROR well.. anyway.. we have finished.. the conference... :s
Arador sarnold: it's curious....that happens with the 56k modem, but the 33.6 modem tries to "resync" the connection and it continues ;)
sarnold Arador: weird ... i would have thought that 56k could at least fallback to 33.6
Arador the 56k modem SHOULD do that
Arador sarnold: v92 connections support this kind of thing i think, but my isp, telefonica (and all the isps in spain), seems not to have implemented v92, only v90
MJesus arador, you are an excellent translator !!
Arador EMPEROR also does it good :)
