On 05/22/11 07:14, Tim wrote: > Mikkel L. Ellertson: >>> They do not usually guess. The use a program that monitors the >>> traffic, and captures the MAC address of any system that connects to >>> the router. They then use one of these to connect. > JD: >> So, the initial connection request goes in the clear! >> Now that's security!! :) > It has to work that way. You connect a route, then encrypt traffic that > will go through it. The connection setup isn't doing anything that > gives away secrets, it's just connecting two things together. > I was referring to the use of MAC filtering which is soundly defeated by the transmission of the MAC in the clear. So, MAC filtering is absolutely useless as a security measure. If I turn off my machine, the hacker has my MAC, and will have 1 less thing to worry about getting. My reliance is then totally on wpa2-psk/aes and a well chosen 63 byte pass-phrase. > And as far as how long does it take. Well, on a network that may have > 50 megabit per second speed, sending out numerous relatively smaller > packets (all with networking headers) hundreds or thousands of times per > second, how long do you think it would take to see data *about* the > connections? > > Blink, and you'll miss it. Not with modern day scanners which capture packets continuously. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
