Protection against wireless cracking

[noOneSpecial]

True, it's easy to detect (relatively), as long as you have a monitoring program/IDS running, or utilize DHCP snooping. Remember that valid ARP entries will change too, like when a client disconnects and connects, and in turn is assigned a new IP address. You can also just have a static ARP cache/IP-MAC mapping and not allow changes to it, but this only works in non-DHCP environments. Unfortunately I have rarely seen any sort of ARP poisoning detection/prevention deployed in any environment I have worked in, including enterprise and corporate.

NO WAYYYYYYY !!!! No ARP WATCHING software was deployed ??? That sounds like a REALLY BAD POLICY or simply someone is REALLY LAZY !!!! I GOT NO CLUE !!! Well, I'm still a student and haven't really worked on any big scale network (what a surprise) but even I know that some level of security has to be in place otherwise your employees will take you down (internal attacks are the most common from what I've read and heard till now). I'm working on a simple tool now that does a simple version of MITM attack and does a DoS attack (and other few things). U can have a look at my website and try it out - still I need to work on it properly, but works. Anyway, I can't imagine a network without any protection.. it becomes a jungle then... grrrrrr

[HeHeHunter]

Unfortunately, I had to admit, no matter how you protect your wireless, if someone is keen to crack your wireless, that person will still be able to crack.

However, depending on your location, you may take legal actions against that person for invading your wireless network -- provided you are able to detect that person.

[bartuuin]

There is something far more simple than looking into custom encryption and looking at special hardware.On top of your encryption you need to hide your ssid.I dont recommend and linksys routers under the cisco name because there full of security loopholes.The only way to log into a router with a hidden ssid is to know what its ssid is to begin with and yes there are ways to find out if you dont know what it is but it makes breaking into the wireless router much more difficult.

[thetan]

There is something far more simple than looking into custom encryption and looking at special hardware.On top of your encryption you need to hide your ssid.I dont recommend and linksys routers under the cisco name because there full of security loopholes.The only way to log into a router with a hidden ssid is to know what its ssid is to begin with and yes there are ways to find out if you dont know what it is but it makes breaking into the wireless router much more difficult.

First of all, nice necro.

More importantly however, you're post is completely trash. Not broadcasting your SSID is not a security measure, it's just stupid. Security through obscurity is typically always frowned upon from security professionals because it accomplishes nothing.

Also, your comment on linksys/cisco hardware is completely bogus, so please refrain from such retarded nonsensical accusations unless you can back them up.

[shaqywacky]

<3 Thetan