In this scenario he's not connected to your network so you have nothing to worry about. Who cares if he deauths a client and then connects to himself? (Well other than the client that got booted)Originally Posted by HitThemLow
They have? Where? Please provide some linkage.Is it possible to dump my registry keys still? Because I imagine it would be as people have mentioned it b4.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
1. If he manages to get a client in a MITM, the client did something wrong --> train your users
OR
2. A zero day wireless xploit was abused on the client (but what kind of? can't even imagine one) --> you can do completely nothing and one of your clients and so your hole network is compromised
Auswaertsspiel
Either I don't still get it or the question is kind of pointless.
So the scenario is: You have your own wireless lan A. It is secure, you are not worried that someone can access it. A bad guy sits in a truck and connects to your neighbor's unsafe wireless lan B.
Now your question is can he access the machines on network A if he is connected to B.
At least that's how I understood your question. Answered before but no, it is not easily possible to go from client->B->internet->A->your machines. It requires the attacker to know the IP of your router for instance, get through the router's security and so on.
Tiocfaidh ár lá
One relatively easy option for the attacker is to use reverse connector (exe).... I tested it 2 months before and it worked like charm (even accessed victim located in Italy from UK, well, with their permission certainly)
If you can't explain it simply, you don't understand it well enough -- Albert Einstein
He'd still have to get the OP to click on the exe on a custom crafted web page. He doesn't need to be on the neighbor's wifi for that.
Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69
Not what I meant: heres as defined as I can make it:
The "Hacker" connects to neighbour's network A. He sets up a rouge AP on his laptop. He then repeatedly deauths my clients until one of them joins his AP. Is it possible for him to then manipulate the files on my "stolen" clients computer? Not actually connecting to my network, but rather get the key out of the stolen client, which he can then use to join the network with ease.
I think I finally understand what you are trying to explain/say.
First, the hacker doesn't need to connect to your neighbors network to accomplish a MITM using a Fake AP.
To answer the second part of your question, in theory, it is possible for the "hacker" to get the keys out of the client laptop. You are talking about "wireless key grabber"
Ok, thats exactly what I was trying to figure out, but how can I prevent it? Disable netbios :\ Because we use printer + file sharing.
Oh and I know he doesnt -have- to connect to my neighbour, but if I understand it right, that would generally be a good idea to do so, so that my user doesnt go "Wtf, where did my intranet go?"
Keep your system patched up to date and use a decent host firewall.
Correct, if you are talking of the internet
In order to access your machine he would still have you to execute a file, do something on a suspicious site and so on. Well you might want to check the homepage of a vendor of some software if the autoupdate feature pops up, since this can be used as an attack vector too (see evilgrade).
Tiocfaidh ár lá
Posting Permissions
