Re: Perpetuating weak wireless security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Nico!

Nico Darrow wrote:
> Guys, I was the orignal designer of the WEP Cloaking feature released
>  by AirDefense. I can field any questions you guys may have on it.
> 
> I can assure you it works. Here are couple points on the technology.

<snip>

> 2. You can't filter the traffic out, we have several dynamic engines 
> to circumvent filtering. We've had several independent teams attempt 
> to pentest even with the real WEP key and they have failed. I've 
> already been through signal strength filtering, retry filtering, 
> sequence filtering, client filtering, distributed sniffing, etc etc.

<snip>

> Now, I'm sure someone smart will figure out some super-clever way to 
> bypass it but AirDefense has multiple layers of protection. We will
> of course refine the technology as it gets deployed and used in the
> field.

For a long time, the Cisco Okena folks had a server on the Internet that
was unpatched with a big sign labeled "hack me".  Anyone was welcome to
attack the system, and if they were successful, Cisco used the results
to improve their product, much like Nico is describing here.

Nico, is there any chance AirDefense would make a packet capture
available of WEP Cloaking in action, maybe interspersed with legitimate
frames (around 200K frames or so) for people to take a look at?
Something that would be a practical representation of a legitimate
attack?  If you wanted to make it fun, you could even use something like
a netcat listener and client to stream a message across for people to
try and retrieve. :)

Thanks!

- -Josh
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iQIVAwUBRkCVqjWX3FIa1TkuAQLXxg/+L8k3Cy2lGW5tqOjBrT1stLyTWuWLM8/g
lXJqy/6Ln1ePh1aEpbR1dkDhyYmo6yNd4ybzShKXa+DArFWrIgVtLJ4TJ7x6GXjt
RxKVTeLlObN5gTTSuHtLpk4UA1le3ANdcVzVBz/tCFa1nXCszy9NipyftfbakENF
zyr6oDf4yyzlAQgmXZe9WK+9N73MPHEB48UxLMpCn0WrD31oWLpoO9nlDqh1yS/g
1zmWfgdKntML85EnGRUakg2+RpWx5tMqENlHlHxzR2hpW2gcvlsFZjQwC77aCHXa
nqnijGP9hipr/qnWHeBIyGHDNjoqY3JE/ZIKYo6TA3aS4wn5cT/4bsWlPUXNQsmQ
PKnrkcnhUamqg4KMfckQ3NenHcmlxOZwz99B/Rx2K2DXyaEkgnDNZPHKHaYo9G8z
ZSpxz3QVDsJlqJUyAqT2M6rdjGeT/Wp4OhhcH8tUhv0e5rzrRYp6MTZ2kc3DOYC3
/k0VUSi/dm7jXdvvZpdTqIaLMRBE5w1Td8yXlk6c/CCT/j7eR1X9ZynU9oeRhiB9
1Dn7Mf1jwoIiXQqByhWpUzY+8FBQbUGXKL98Z0GCnCQP3XOe9ezTljtI5XDkQnWQ
iy+Mrb8cjnzlUCRJ4Yo7i7msAg7COsMr9HKmC05KuWTV7P4b2W+rYRoAvdBVkex8
IQV9Cd+oc+c=
=aC+O
-----END PGP SIGNATURE-----