Re: OT: unathorized network user.

All this talk of locking networks down is odd for an open source
community. (Business networks are different)

I run dd-wrt running nocat auth w/ 5 wds nodes placed around the
block. At any given time i have a half dozen people who I don't know
doing I don't know what on my network.

I don't block p2p, smtp .... anything. I even have my printer on the
network w/ instructions on how to print to it.

Am I personally at risk? Yes. But I think it is a small price to pay
to cultivate an open community where information isn't kept from
others.

-bazooka

2008/1/24 Mikkel L. Ellertson <mikkel@xxxxxxxxxxxxxxxx>:
Dave Ihnat wrote:

Similarly, leaving SSID on doesn't stop the determined hacker with tools.
But none of the common WiFi connection agents on laptops will show a
non- broadcast SSID; you have to go out, get the tools, and work on it.
Well, the connection management for XP that came with my Toshiba
laptop do show access points that do not broadcast their SSID. I
would have to check, but I think the connection management software
supplied by AT&T if you have their WiFi service will also do this.
(I have to connect to an AT&T access point to re-activate the software.)

Restricting MAC addresses can easily be overcome--but you have to have
gotten the tools to do so.
Getting around the blocking of a specific MAC address is easy with
the standard tools on both Linux and Windows. To discover the MAC
addresses in use does require a bit of work, but the software is so
easy to find. So that is about like closing your door - it keeps
people from wandering in, but not much else. So it may or may not be
worth the effort. If you have visitors that you want to give access,
it is a lot more complicated then just giving then a USB key with
the network configuration, or a pass phrase so that they can hook
up. You also have to copy their MAC address to the router.

What I am trying to say is that things like this can be handy in
keeping honest people honest, but they may not be worth the trouble.
Things like disabling the SSID can cause you trouble without adding
any benefit. Changing the default SSID will stop accidental
connections, and allow auto-connection by authorized computers. But
you are not talking about something that will slow down someone
trying to crack your network. The danger is in someone thinking that
it will, and not taking real security precautions.

It can also backfire on you, in that it can make you a more tempting
target for someone that is learning to crack wireless networks,
because it is more of a challenge then an open network, but is not
as intimidating as a WPA protected network. (Or I got this neat
script that is supposed to grab the SSID and MAC address of the
wireless connection. Here is one that is not broadcasting its SSID,
lets try it out.)

DHCP--eh, it's too convenient to get rid of.
Logging--preferably with forwarding to an internal system--is useful.
But after all of these, let the cracker find the WPA encryption behind
all the lightweight stuff. You've got to have someone who really wants
into your network at that point.

The trick is to secure your wireless network without making it too
inconvenient for you to use. After all, if you wanted it totally
secure, you would turn off the wireless part of the router
completely, or only turn it on when you need it. You can also take
some of the more complicated measures, like only allowing VPN
connections between computers on your network, or putting a firewall
between the wireless router and the rest of hte local network.


Mikkel
--

Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • RE: Multiple Connection Attempts to Home Wireless Network
    ... make connection attempts to any available wireless, ... Subject: Re: Multiple Connection Attempts to Home Wireless Network ... >Planning, Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)
  • Re: Linksys WRT54G acts like a dumb hub, no DHCP or wireless capabilities
    ... laptop and the PC would lose connection with the router. ... Well, the results are the same: I can connect to the wireless network, ... but after about 10 minutes I will lose connection with the router. ...
    (alt.internet.wireless)
  • Re: Lan Wifi Network
    ... >knowledge of computer network... ... a wireless user has gone away. ... client software to do the job. ... connection which can be timed. ...
    (alt.internet.wireless)
  • Re: Wireless network, Bluetooth, and Home Networking
    ... notebook PC, together with a wireless network between the same ... connection to the PC, or loose the network connection PC to ... Your easiest bet is to purchase a wireless router - ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Activesync Kills Wireless
    ... Acer TravelMate 8104WLMi with Intel PRO/Wireless 2915ABG Network Adapter, ... NetGear RangeMax WMN802 Wireless Access Point ... I do have to repair the network connection as ... could install this driver. ...
    (microsoft.public.pocketpc.activesync)