Re: [B.A.T.M.A.N.] AHdemo mode

public inbox for b.a.t.m.a.n@lists.open-mesh.org
 help / color / mirror / Atom feed

From: Marek Lindner <lindner_marek@yahoo.de>
To: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n@open-mesh.net>
Subject: Re: [B.A.T.M.A.N.] AHdemo mode
Date: Thu, 10 Apr 2008 08:52:50 +0800	[thread overview]
Message-ID: <200804100852.51052.lindner_marek@yahoo.de> (raw)
In-Reply-To: <200804092052.12389.gfjl@ubbi.com>

Hi,

> I found this post : http://robin.forumup.it/about107-robin.html
>
> I like to hear opinions about this possible security issue.

why do the security experts always find the same bug ?  :D

As far as I know the WPA encryption is not supposed to secure _all_ your 
traffic. It is supposed to encrypt the traffic between your notebook and your 
accesspoint. 

For meshing you need ad-hoc mode and in this mode you don't have a single 
authority to authenticate against. How should "mesh encryption" work - all 
nodes are "equal" ?

If you want to secure your network traffic, please use the higher security 
layers as SSL or similar technologies. They do _proper_ end to end 
encryption. Even if the WPA would work your traffic is not secure as the 
internet gateway and all stations after it still could sniff your traffic.

I would be very interested to hear from "williamruckman" what kind of packets 
he would inject to "capture all traffic or perform a man-in-the-middle 
attack". I suggest reading the "security considerations" section of this 
document first:
https://www.open-mesh.net/batman/doc/draft-openmesh-b-a-t-m-a-n-00.txt

Regards,
Marek

next prev parent reply	other threads:[~2008-04-10  0:52 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-04-09 23:52 [B.A.T.M.A.N.] AHdemo mode GUSL
2008-04-10  0:52 ` Marek Lindner [this message]
2008-04-10  1:55   ` GUSL
2008-04-10  2:23     ` Vinay Menon
2008-04-10  4:22       ` Marek Lindner
2008-04-10  6:04         ` bruno randolf
2008-04-10  6:59           ` Vinay Menon
2008-04-11  7:48       ` Simon Wunderlich
2008-04-10  4:12     ` Marek Lindner
  -- strict thread matches above, loose matches on Subject: below --
2008-04-10  9:41 Marek Lindner
2008-04-10  9:51 ` elektra
2008-04-11 18:30 ` Aaron Kaplan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200804100852.51052.lindner_marek@yahoo.de \
    --to=lindner_marek@yahoo.de \
    --cc=b.a.t.m.a.n@open-mesh.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox