trap the hackers

Given the fact that disabling the SSID broadcast, enabling MAC
address filtering, and enabling encryption doesn't totally protect the
WLAN. Couldn't the owner of the WLAN trap the hacker inside the WLAN
by using IP filtering to prevent the hacker from using the connection
to access the Internet? The user could protect the rest of the
WLAN/LAN by turning off file/print sharing, the computer browser
service and etc. Thereby making the hack worthless because the hacker
can't go anywhere. This would prevent identity theft, no? Most if
not all current AP's settings can only be changed through the web
browser interface and as long as it's default password has been
changed what measures are there to compromise that password?

On 27 Oct 2004 11:56:27 -0700, in alt.internet.wireless ,
(E-Mail Removed) (kd) wrote:

(snip various ideas for preventing access to hardware)

>This would prevent identity theft, no?

No. There /are/ other ways to access files and printers than via MS's
file&printer sharing, and once you're inside the network you're in.

For example, you can immediately identify all the computers on the network,
their type, address, OS, patchlevel and so forth, then you can probe for
various security weaknesses, or for servers running (http, ftp, database,
others), any of which might have a means of ingress.

>Most if
>not all current AP's settings can only be changed through the web
>browser interface and as long as it's default password has been
>changed what measures are there to compromise that password?

Several, not counting brute-force cracking.

--
Mark McIntyre
CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

"Mark McIntyre" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On 27 Oct 2004 11:56:27 -0700, in alt.internet.wireless ,
> (E-Mail Removed) (kd) wrote:
>
> (snip various ideas for preventing access to hardware)
>
> >This would prevent identity theft, no?
>
> No. There /are/ other ways to access files and printers than via MS's
> file&printer sharing, and once you're inside the network you're in.
>
> For example, you can immediately identify all the computers on the
network,
> their type, address, OS, patchlevel and so forth, then you can probe for
> various security weaknesses, or for servers running (http, ftp, database,
> others), any of which might have a means of ingress.
>
> >Most if
> >not all current AP's settings can only be changed through the web
> >browser interface and as long as it's default password has been
> >changed what measures are there to compromise that password?
>
> Several, not counting brute-force cracking.
>
> --
> Mark McIntyre
> CLC FAQ <http://www.eskimo.com/~scs/C-faq/top.html>
> CLC readme: <http://www.ungerhu.com/jxh/clc.welcome.txt>
>
>
> ----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet
News==----
> http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000
Newsgroups
> ---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption
=---


Is there anything secure about this wireless stuff? :-) Besides turning
off the PCs when I'm not using it for Internet access?

> Is there anything secure about this wireless stuff? :-) Besides turning
> off the PCs when I'm not using it for Internet access?
>
kind of looks like the main people stealing bandwidth are
neighbors that don't know what they're connected to , or neighbors who don't
know how not to connect to the neighboring AP's.