Re: [Karlnet] Kismet

[Chris Conn <cconn@abacom.com>]

Dan Metcalf wrote:
> Registry tweaks?
Hello,

As I am not in the business of security, I will not provide details on 
how to do this.  However, to be clear, it is _easier_ do use this method 
with a few modifications to the registry settings of the Lucent Orinico 
driver.  It has nothing to do with the functioning of windows or its 
networking.

Chris



> > -----Original Message-----
> > From: karlnet-admin@WISPNotes.com [mailto:karlnet-admin@WISPNotes.com]
>
> On
>
> > Behalf Of Chris Conn
> > Sent: Tuesday, September 24, 2002 10:39 AM
> > To: karlnet@WISPNotes.com
> > Subject: Re: [Karlnet] Kismet
> >
> > Travis Brown wrote:
> >
> > > I saw some disturbing text on the Kismet list about the author(s)
> > > beginning to receive info from Kismet users about Karlnet including
> > > packet dumps containing Karlnet traffic.
> > >
> > > Apparently, they are going to push now to identify and decode
> Karlnet
>
> > > packets along with regular WiFi traffic. So far, from what I've
> seen, it
>
> > > won't be too hard, as a Linux-head friend of mine was able to decode
> the
>
> > > names of all of my Karlnet bases (SSIDs) and dig into the packets
> for
>
> > info.
> >
> > > Does this bother anyone besides me?
> > >
> > > Travis
> >
> >
> > Hello,
> >
> > This should not really bother you any more than it did yesterday,
>
> since
>
> > it has always been possible to do this, even with a Windows PC.  You
> > don't need many fancy tools to do this, just a few keys to tweak in
>
> the
>
> > windows registry, use Ethereal as a protocol anaylyser and use the
> > standard Orinoco driver (that's right, no need to get a Karlnet NDIS
> > license).  I can easily sniff with a Windows95 machine given about 20
> > minutes of setup time.
> >
> > I would say that the average script kiddy or wardriver will not
>
> succeed
>
> > since it is not as easy as simply downloading netstumbler.  Also,
> > ethereal is not too good at seeing the packet headers due to the
>
> bizzard
>
> > size (superpacket aggregation), however most of the cleartext is
>
> visible
>
> > when you scroll between packets.  You can easily see HTTP
>
> transactions,
>
> > POP3 usernames and passwords, etc etc.  You just need to be a little
> > more patient than your 802.11b counterparts.
> >
> > We have always used WEP even though Karlnet has sustained that nobody
> > does, and we have also been using the 8.10 Orinoco firmware since it
> > includes the "weak wep key" avoidance, that is better than nothing.
>
> Too
>
> > bad the 4.0 kernels now load tertiary firmware, you drop back to 7.52
> > and lose this functionality...It would be nice to see 8.10 in an
> > eventual 4.x release (Doug?)
> >
> > It would also be nice to see some sort of dynamic WEP keying like
> > 802.1x???
> >
> > Everyone I talked to, some on this list, have always lived in a world
> > where Karlnet was proprietary therefore secure.  Sorry folks but it is
> > not as secure as some believe, without the proper measures.
> >
> > Just my 0.02$,
> >
> > Chris
> >
> > _______________________________________________
> > Karlnet mailing list
> > Karlnet@WISPNotes.com
> > http://lists.wispnotes.com/mailman/listinfo/karlnet
> > ---
> > [This E-mail scanned for viruses by Declude Virus]
>
>
>
> ---
> [This E-mail scanned for viruses by Declude Virus]
>
> _______________________________________________
> Karlnet mailing list
> Karlnet@WISPNotes.com
> http://lists.wispnotes.com/mailman/listinfo/karlnet