Friday, August 8, 2008

Re: [BLUG] ID theft via wardriving (URL) (fwd)

I second this completely.

WPA (preferably WPA2) is the only reliable way to keep your network
secure. Hiding the SSID (the name of the network) and setting up MAC
address filters will keep people from using your network accidentally,
and WEP (the old encryption standard) will only block the people who
don't have the utility to crack it (takes <60 seconds to break WEP with
modern laptops). Lastly, use a strong passphrase for your network
encryption. https://www.grc.com/passwords.htm will give you a perfect
passphrase (especially if you use the random printable characters entry)
for your wireless network.

This will keep your network plenty secured.

Steven Black wrote:
> On Fri, Aug 08, 2008 at 10:54:48AM -0700, Beartooth wrote:
>
>> So for those of us who don't want to provide access to every stranger
>> within reach, what protection is good?
>>
>
> The current rage is WPA2[1] / IEEE 802.11i[2]. This is what IU is now
> using with its "IU Secure"[3] SSID.
>
> [1] http://www.wi-fi.org/knowledge_center/wpa2/
> [2] http://en.wikipedia.org/wiki/IEEE_802.11i-2004
> [3] http://kb.iu.edu/data/awws.html (What is IU Secure?)
>
> The MAC thing can be used, but with programmable MAC addresses, if
> that's the only security a person can snoop on your network, pick up
> your MAC address and simply reprogram their MAC address. Then they can
> surf your network and everything gets logged as if it were you. (Perhaps
> they want to watch your house a little to make sure they pick times
> where you won't be home.)
>
> Not to mention, that with just MAC filtering, all your communication
> continues to be in the clear, so in addition to poorly protecting your
> network, it doesn't protect your data at all.
>
> To an extent it is like most security. It doesn't need to be perfect, it
> just needs to be good enough that the criminals look elsewhere.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)