Friday, August 8, 2008

Re: [BLUG] BLUG MEETING- Tues, Aug 12

Barry,

I don't remember Yogi's having Wi-Fi, but I could be wrong. If you'd
like to give your GPG presentation, I'd love to put you on the schedule
for September's meeting; I know I'd learn a lot, and I suspect others
will too.

Dave Cooley
dcooley@kiva.net

Barry Schatz wrote:
> Will there be wifi? My girlfriend and I want to show off our n810s.
> Then again, she has hers paired to her cell phone. I'm the only one
> who might need wifi, I guess.
>
> Also, if you have a GPG key, bring a copy of the fingerprint and a
> valid photo ID if you want to do some key signing. I don't think
> Yogi's would be the right place for that GPG presentation I was
> planning, but a key-signing party would be nice.
>
> -Barry
>
> Dave Cooley wrote:
>> Shoot, sorry, the meeting is at 7:00pm.
>>
>> Dave Cooley
>> dcooley@kiva.net
>>
>>
>>
>> Dave Cooley wrote:
>>> WHAT: BLUG meeting
>>> WHEN: Tuesday, August 12
>>> WHERE: Yogi's Bar & Grill
>>> WHY: Informal conversation and general socializing
>>>
>>>
>>> Yogi's is located at the intersection of 10th Street and Indiana
>>> Avenue. They have food if you want to eat, alcohol if you want to
>>> drink it, and our under-21 friends are OK to join in.
>>>
>>> In September, we'll be back at the library for a presentation.
>>>
>> _______________________________________________
>> BLUG mailing list
>> BLUG@linuxfan.com
>> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] ID theft via wardriving (URL)

Jeremy Gaddis wrote:
> On 8/8/08 4:49 PM, "Barry Schatz" <sorbetninja@gmail.com> wrote:
>
>> WPA (preferably WPA2) is the only reliable way to keep your network
>> secure. Hiding the SSID (the name of the network) and setting up MAC
>> address filters will keep people from using your network accidentally,
>> and WEP (the old encryption standard) will only block the people who
>> don't have the utility to crack it (takes <60 seconds to break WEP with
>> modern laptops). Lastly, use a strong passphrase for your network
>> encryption. https://www.grc.com/passwords.htm will give you a perfect
>> passphrase (especially if you use the random printable characters entry)
>> for your wireless network.
>>
>> This will keep your network plenty secured.
>>
>
> I'm still a big fan of requiring IPSec on the device, with the other
> endpoint being on the wired network (on another network segment), with the
> router in between being configured to only pass IPSec traffic.
>
> I wear a tin foil hat, though. =)
>
I tip my foil hat to you, sir. Then again, I don't know how to get my
n810 to do IPSec. I would love to centralize my logins and
authentication but I don't know where to start. Maybe you can show me at
the next meeting.
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] ID theft via wardriving (URL)

On 8/8/08 4:49 PM, "Barry Schatz" <sorbetninja@gmail.com> wrote:
> WPA (preferably WPA2) is the only reliable way to keep your network
> secure. Hiding the SSID (the name of the network) and setting up MAC
> address filters will keep people from using your network accidentally,
> and WEP (the old encryption standard) will only block the people who
> don't have the utility to crack it (takes <60 seconds to break WEP with
> modern laptops). Lastly, use a strong passphrase for your network
> encryption. https://www.grc.com/passwords.htm will give you a perfect
> passphrase (especially if you use the random printable characters entry)
> for your wireless network.
>
> This will keep your network plenty secured.

I'm still a big fan of requiring IPSec on the device, with the other
endpoint being on the wired network (on another network segment), with the
router in between being configured to only pass IPSec traffic.

I wear a tin foil hat, though. =)

--
Jeremy L. Gaddis
Network Administrator
Ivy Tech Community College of Indiana
812.330.6156 (w) 812.391.3971 (m)


_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] ID theft via wardriving (URL) (fwd)

I second this completely.

WPA (preferably WPA2) is the only reliable way to keep your network
secure. Hiding the SSID (the name of the network) and setting up MAC
address filters will keep people from using your network accidentally,
and WEP (the old encryption standard) will only block the people who
don't have the utility to crack it (takes <60 seconds to break WEP with
modern laptops). Lastly, use a strong passphrase for your network
encryption. https://www.grc.com/passwords.htm will give you a perfect
passphrase (especially if you use the random printable characters entry)
for your wireless network.

This will keep your network plenty secured.

Steven Black wrote:
> On Fri, Aug 08, 2008 at 10:54:48AM -0700, Beartooth wrote:
>
>> So for those of us who don't want to provide access to every stranger
>> within reach, what protection is good?
>>
>
> The current rage is WPA2[1] / IEEE 802.11i[2]. This is what IU is now
> using with its "IU Secure"[3] SSID.
>
> [1] http://www.wi-fi.org/knowledge_center/wpa2/
> [2] http://en.wikipedia.org/wiki/IEEE_802.11i-2004
> [3] http://kb.iu.edu/data/awws.html (What is IU Secure?)
>
> The MAC thing can be used, but with programmable MAC addresses, if
> that's the only security a person can snoop on your network, pick up
> your MAC address and simply reprogram their MAC address. Then they can
> surf your network and everything gets logged as if it were you. (Perhaps
> they want to watch your house a little to make sure they pick times
> where you won't be home.)
>
> Not to mention, that with just MAC filtering, all your communication
> continues to be in the clear, so in addition to poorly protecting your
> network, it doesn't protect your data at all.
>
> To an extent it is like most security. It doesn't need to be perfect, it
> just needs to be good enough that the criminals look elsewhere.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] ID theft via wardriving (URL) (fwd)

On Fri, Aug 08, 2008 at 10:54:48AM -0700, Beartooth wrote:
> So for those of us who don't want to provide access to every stranger
> within reach, what protection is good?

The current rage is WPA2[1] / IEEE 802.11i[2]. This is what IU is now
using with its "IU Secure"[3] SSID.

[1] http://www.wi-fi.org/knowledge_center/wpa2/
[2] http://en.wikipedia.org/wiki/IEEE_802.11i-2004
[3] http://kb.iu.edu/data/awws.html (What is IU Secure?)

The MAC thing can be used, but with programmable MAC addresses, if
that's the only security a person can snoop on your network, pick up
your MAC address and simply reprogram their MAC address. Then they can
surf your network and everything gets logged as if it were you. (Perhaps
they want to watch your house a little to make sure they pick times
where you won't be home.)

Not to mention, that with just MAC filtering, all your communication
continues to be in the clear, so in addition to poorly protecting your
network, it doesn't protect your data at all.

To an extent it is like most security. It doesn't need to be perfect, it
just needs to be good enough that the criminals look elsewhere.

--
Steven Black <blacks@indiana.edu> / KeyID: 8596FA8E
Fingerprint: 108C 089C EFA4 832C BF07 78C2 DE71 5433 8596 FA8E

[BLUG] ID theft via wardriving (URL) (fwd)

http://news.bbc.co.uk/2/hi/business/7544083.stm

===== ===== ===== =====
The 11 suspects are alleged to have obtained card
numbers, account information and password details by driving
around neighborhoods and hacking into wireless equipment.
===== ===== ===== =====

So for those of us who don't want to provide access to
every stranger within reach, what protection is good?

When I came here (Blacksburg, where Virginia Tech is,
not Blmtn), Tech was allowing only machines with known MAC
addresses to connect. My router does that, when I turn on
wireless access; but Tech has since given it up in favor of
something else; I don't know what.

--
Beartooth Staffwright, Not Quite Clueless Power User
Fedora 7, 8 & 9; Alpine 1.10, Pan 0.132; Privoxy 3.0.6;
Dillo 0.8, Epiphany 2, Firefox 2 & 3, Galeon 2, Opera 9
Remember I know little (precious little!) of where up is.

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] BLUG MEETING- Tues, Aug 12

Will there be wifi? My girlfriend and I want to show off our n810s. Then
again, she has hers paired to her cell phone. I'm the only one who might
need wifi, I guess.

Also, if you have a GPG key, bring a copy of the fingerprint and a valid
photo ID if you want to do some key signing. I don't think Yogi's would
be the right place for that GPG presentation I was planning, but a
key-signing party would be nice.

-Barry

Dave Cooley wrote:
> Shoot, sorry, the meeting is at 7:00pm.
>
> Dave Cooley
> dcooley@kiva.net
>
>
>
> Dave Cooley wrote:
>> WHAT: BLUG meeting
>> WHEN: Tuesday, August 12
>> WHERE: Yogi's Bar & Grill
>> WHY: Informal conversation and general socializing
>>
>>
>> Yogi's is located at the intersection of 10th Street and Indiana
>> Avenue. They have food if you want to eat, alcohol if you want to
>> drink it, and our under-21 friends are OK to join in.
>>
>> In September, we'll be back at the library for a presentation.
>>
> _______________________________________________
> BLUG mailing list
> BLUG@linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] BLUG MEETING- Tues, Aug 12

Shoot, sorry, the meeting is at 7:00pm.

Dave Cooley
dcooley@kiva.net

Dave Cooley wrote:
> WHAT: BLUG meeting
> WHEN: Tuesday, August 12
> WHERE: Yogi's Bar & Grill
> WHY: Informal conversation and general socializing
>
>
> Yogi's is located at the intersection of 10th Street and Indiana
> Avenue. They have food if you want to eat, alcohol if you want to
> drink it, and our under-21 friends are OK to join in.
>
> In September, we'll be back at the library for a presentation.
>
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

[BLUG] BLUG MEETING- Tues, Aug 12

WHAT: BLUG meeting
WHEN: Tuesday, August 12
WHERE: Yogi's Bar & Grill
WHY: Informal conversation and general socializing


Yogi's is located at the intersection of 10th Street and Indiana
Avenue. They have food if you want to eat, alcohol if you want to drink
it, and our under-21 friends are OK to join in.

In September, we'll be back at the library for a presentation.

--
Dave Cooley
dcooley@kiva.net

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug