Not immune, but less likely. The Windows host attaching to the AP is the
most likely attack vector. A BSD/Linux host connecting to the AP is a
less likely attack vector.
But why is it less likely? Because no one is attacking non-Windows
machines? Or because the code (network driver and OS) is actually more
secure?
ray
On Wed, 11 Apr 2007, Dustin Puryear wrote:
> You are also assuming that only Windows is vulnerable to this. Are
> Linux and BSD network card drivers somehow immune?
>
>
> Wednesday, April 11, 2007, 3:28:23 PM, you wrote:
>
>> Sorry for the top-posting.
>
>> I agree that if you're surfing with *BSD inside VMware running on a
>> Windows host, the Windows host is still vulnerable (the TCP/IP stack,
>> your Windows NIC drivers, the OS itself, and who knows what else can
>> be compromised). However, if you open a VPN session back to a secure
>> host (say a Linux box on your LAN at home), and direct all surfing
>> traffic through the tunnel, I would think that your Windows host would
>> probably be safe from attack via your actual surfing.
>
>> However, the Windows host is still connecting to the access point,
>> which is in my mind the likeliest attack vector in the described
>> setup. A fake AP (remember the stories about trojan APs in various
>> airports over the Christmas holidays? I remember seeing one of them in
>> Atlanta Hartsfield), some fool sniffing traffic out in the parking
>> lot, worms spread from the infected laptop 2 tables away, etc.... you
>> get the picture. Sure, your bank transactions via *BSD and VMware,
>> tunneled back to your Linux box at home, may be secure, but your
>> Windows laptop is still subject to attack.
>
>> --Joey
___________________
Nolug mailing list
nolug@nolug.org
Received on 04/11/07