Do members not feel that, after the TK Maxx/TJX affair, where millions of credit card details were stolen with fairly simple tools AND because of some very bad IT security procedures, time is now up for WEP in a commercial environment?
Before TJX then maybe an IT admin could be forgiven for not knowing the 'latest' about wifi encryption, but now there really is no excuse. After all, the skiddies have read the TJX news stories too..... and you can bet your last $ that they will now be armed with the same tools, same intentions and probably wardriving right now looking for similar targets!
I helped out a friend's boss (supermarket manager) after I noticed 3 PCs near his store sending out probes for the shop's network; their wireless should have been for pricing guns/printers only, with no internet or corp LAN connection needed. After showing the manager how long WEP takes to crack (shock 1!) I first fired up Wireshark, thinking I would need to detect the IP scheme being used, only to notice DHCP was in use (shock 2!) and that every other PC and point-of-sale was also visible and most traffic was sniffable (shock 3!).
The naming scheme was also stupid; names like WIN2000BOFF1 (WINdows 2000 Back OFFice 1) just make things too easy for unauthorised 'visitors' on the network. All computers in the shop were named like this...... (shock 4!)
The worst part is still to come though: when the manager FINALLY managed to get a hold of one of his company's IT contractors, the guy frankly didn't seem to care. He at first said it was impossible for me to see the non-wireless devices; it took about 2 mins of me and the manager reading out hostnames and IPs till we hit one important enough(!) for him to know about it before he started to listen. It turns out that the contractors buy in the wireless pricing guns/printers from a 3rd party and just plug them in..... Any further setup "depends on which guy fitted them".
Only after about 10 mins on the phone to this guy did he actually ask a "what can I do to stop this" question. I told him to go out on site and have a look for himself, and then I asked what pentest distro and equipment he used....
Him: "uh, oh here it is, it's called Auditor......."
Me: "you do know that's a couple of years out of date, at least, BackTrack 3 beta is the newest version of that live CD?"
This supermarket is another TJX just waiting to happen, and it just pisses me off so much that they are just not bothered about it!
The same supermarket shares its WEP key between ALL UK stores btw......
I would call the above situation commercial negligence after the publicity surrounding TJX, and if it was my choice the IT contractors would have got the boot.
He even tried to defend the use of WEP by pointing out that a WPA-enabled pricing gun was £20 more each because it needs a keyboard attached. When I asked him how much in labour alone it would cost to have someone come in and set up the routers properly, catalogue all equipment (for MAC listing) and set up a VPN or something to try to make the WEP more secure, he quickly saw my point......
PS: The shocks were to the manager, not me. Well, apart from the contractor maybe, that shocked me!