From owner-freebsd-questions Wed May 8 6:46:27 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mail.tiscalinet.it (mail-4.tiscalinet.it [195.130.225.150]) by hub.freebsd.org (Postfix) with ESMTP id 5CC6E37B403 for ; Wed, 8 May 2002 06:46:15 -0700 (PDT) Received: from [217.133.245.152] (217.133.245.152) by mail.tiscalinet.it (5.5.057) id 3CAC0BCB010E40AC for freebsd-questions@freebsd.org; Wed, 8 May 2002 15:46:14 +0200 Received: (qmail 2921 invoked by uid 1000); 8 May 2002 13:46:08 -0000 Date: Wed, 8 May 2002 15:46:08 +0200 From: Francesco Casadei To: Tim Kellers Cc: freebsd-questions@freebsd.org Subject: Re: wireless (in)security Message-ID: <20020508154608.A2895@goku.kasby> Mail-Followup-To: Tim Kellers , freebsd-questions@freebsd.org References: <20020508005333.M8150@wallnet.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="fdj2RfSjLxBAspz7" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020508005333.M8150@wallnet.com>; from timothyk@wallnet.com on Wed, May 08, 2002 at 12:53:33AM +0900 X-Operating-System: FreeBSD 4.5-STABLE i386 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --fdj2RfSjLxBAspz7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 08, 2002 at 12:53:33AM +0900, Tim Kellers wrote: > I wonder if someone might point me at a source to try and solve a wireless > security issue. >=20 > Wireless router with a Network Name of 09d44b > Wireless encryption key set to: 9d44b=20 >=20 > Wireless interface (wi0) ssid (network name) 09d44b > Wireless encryption key (nwkey) set to 9d44b >=20 > When the wireless laptop boots, it sends the nwkey in clear text, then go= es to > 64 bit (or so) encryption. Then transmissions are as theoretically secur= e as > a 5 character key can make them. But, before encryption takes over, the = nwkey > key is transmitted in clear text and this is Not a Good Thing. >=20 > Are there any utilites, workarounds or magic available for FreeBSD (4.6 > Prerelease at present) that would allow a tunnel to be established before= the > nwkey is sent... I've had a lot of ideas about how I might do this, but = they > all rely on the wireless router being a lot smarter than it is. >=20 > Pointers, links or just plain ideas appreciated. >=20 > Tim Kellers > CPE/NJIT >=20 >=20 >=20 >=20 > -- > Open WebMail Project (http://openwebmail.org) >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message >=20 > end of the original message The IEEE 802.11 standard for wireless transmission does not attain to its security goals (confidentiality, data integrity and access control). I think there's little you can do to make it more secure. For more information read this: http://cesare.dsi.uniroma1.it/Sicurezza/doc/p180-borisov.pdf Francesco Casadei --=20 You can download my public key from http://digilander.iol.it/fcasadei/ or retrieve it from a keyserver (pgpkeys.mit.edu, wwwkeys.pgp.net, ...) Key fingerprint is: 1671 9A23 ACB4 520A E7EE 00B0 7EC3 375F 164E B17B --fdj2RfSjLxBAspz7 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE82SwgfsM3XxZOsXsRAngGAJ0Y+EzD7Hw+D5reEvTFoz6BRMaaDQCgvczR mTI5AW0dwYVYaIN9fVGqBBI= =H7VC -----END PGP SIGNATURE----- --fdj2RfSjLxBAspz7-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message