|
||||||||||
Mohammed Ismail wrote: > Yes you are right, I had a friend of mine was able to connect through > wireless AP connected to mikrotik, he was able to sniff other client's > username and password for hotspot login. Using SSL for the login page will fix that... > Nothing is secured 100% , but people like my friend are not much out there, ...don't bet on that. Freely available tools and online "howto's" are readily available to make anyone with a computer dangerous. It is the people who _don't_ know about networking that blindly use these point-and-click tools on other peoples networks who are dangerous. The well experienced network experts are the ones who will surgically infiltrate your network, get whatever they need, and leave without ever leaving a trace behind. > So you are safe as long they are away from you. If you have 100+ users across 20 buildings, I assure you that you need to be concerned about internal security. If you really do have 20 switches in 20 buildings, then surely your company can afford to replace a few of them with managed gear. At a minimum, you can buy Cisco 2950's on eBay for < $100 USD. They will get you started, and even three of them in good locations will at least minimize any impact an intruder might have (in the ARP Poison context). Your better bet would be replace all 20 switches with managed ones, and then you _could_ protect each client, and at the same time give you new opportunities to re-design your broadcast domain into smaller, more manageable purpose-built ones. > Most people uses Switch Sniffer and Cain or winarp spoofer and netcut > Plus womrs. Perhaps you are right, _most_ people likely do use those tools, but knowledgeable people who require such tools for troubleshooting use tcpdump, nmap, ettercap, hping2, scapy etc ;) Steve |