{SPAM?} Re: {SPAM?} Re: [SLUG] Linux and 802.11g cards

From: Steve (steve@szmidt.org)
Date: Wed Mar 31 2004 - 08:48:12 EST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 30 March 2004 06:15 pm, Kat wrote:
> This discussion has prompted me to do a little
> homework.. I am also trying to set up a wireless card,
> without much success so far. I have a Netgear WG511
> card which is supposed to be fairly easy to set up
> with a few downloaded files and a little kernel
> recompilation, however every instruction how-to I have
> run across has been different, which is quite
> confusing for a new linux user. It has been a great
> learning opportunity but is frustrating at the same
> time. Back to the point of discussion- security. After
> reading several articles about this subject, it seems
> that my only real option if I am paranoid (which I'm
> not, really) or if I access hot spots (which I don't)
> would be a VPN - something like this
> http://www.hotspotvpn.com/faq.asp?mm=2
> I would be willing to pay $8.88/month if I was as
> concerned about it as you are, Steve.

The problem is that the insuffient randomnes, weak key generation, with
actual range of signal to read your packets much longer than you think,
lets someone break your encryption from maybe as few as tens of thousand to
a couple of million packets. All by sitting quite far away with a good
antenna. The top encryption and security people all agree on the weakness.

So it's really not a matter of needing to be paranoid but a level of
probability that does not match the article you read. This guys odds are
for the birds in fairy land.

Think about it. Is wireless popular? Does everyone you know get it?

War driving by casual hackers only entails being able to USE the connection.
But it's very enumerative to get a good antenna as you can pick up signals
easily from far away, and break the encryption at your own leasure.

About the only way to implement wireless is to place it outside your
firewall and use a vpn. But that probably breaks the reason you have it.

This is not something one just easily rely on other peoples opinion. Like
saying home users have less to fear than business. It might very well be
true but the price might still be too high.

As I said it's not just a matter of someone being able to ruff though your
personal files, but to involve your in attacks on others.

802.1X/EAP is the best as far as I can tell. Then use encryption with
frequently rotating WEP keys.

No chalk marks needed...

> However, I haven't seen any chalk markings in front of
> my house yet, or anyone parked outside with a laptop,
> but if I do, you can bet I will be signing up. So the
> question I suppose would be, what
> level do I need? just a network ID to prevent my
> neighbor from accidentally barging in? WEP? AES? VPN?
> Do I really need any of it? What if I just could
> somehow make the range not extend past the outside
> walls of my house? Or I could do what Logan does
> (whose reponse cracked me up) if I could figure out
> how. One step at a time, I suppose.
>
> To quote Jean Tourrilhes (wireless LAN how-to) "it's
> much more likely that you will get hacked from the
> Internet or that somebody will tap your phone line at
> the back of your house"
>
> p.s. this is my first post to the list so don't scare
> me off by flaming me, please. thanks!
> -Kathryn
>
> oh, and that Revolution OS movie was both hilarious
> and inspiring, thank you for showing it at the St Pete
> meeting
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Finance Tax Center - File online. File on time.
> http://taxes.yahoo.com/filing.html
> -----------------------------------------------------------------------
> This list is provided as an unmoderated internet service by Networked
> Knowledge Systems (NKS). Views and opinions expressed in messages
> posted are those of the author and do not necessarily reflect the
> official policy or position of NKS or any of its employees.

- --
Steve

"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
                                Benjamin Franklin

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAaswnljK16xgETzkRAnAQAKDCpo+D15lLZW6NHMPkExPfcvGVPgCfdHAZ
M5imoOlNQ9fBJzdJpBaFCZ0=
=5+KF
-----END PGP SIGNATURE-----

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:49:50 EDT