[Leaplist] an ipcop question
tony_l_turner at yahoo.com
tony_l_turner at yahoo.com
Wed Dec 17 09:32:27 EST 2008
Kismet can still find it even if you turn off SSID. If you are having issues with devices that can't connect with it off you can turn it on, initiate the connection and then once your adapter has "learned" the connection you can often turn it back off and they will work after that using those saved parameters.
Sent from my Verizon Wireless BlackBerry
-----Original Message-----
From: William Warren <hescominsoon at emmanuelcomputerconsulting.com>
Date: Wed, 17 Dec 2008 08:48:38
To: This is the Leap Main List<leaplist at leap-cf.org>
Subject: Re: [Leaplist] an ipcop question
Hank Lambert wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> Aaron Morrison wrote:
>
>> WPA with RC4 (the default) is generally good enough given a good
>> pass phrase (pre-shared key). As a side note, AES takes more
>> computational power to generate the keys, so not all devices can
>> keep up.
>>
> I use WPA with AES, TKIP is too insecure. The only device I have that
> has problems with AES is my Mac G4, so I stuck a WAP on it's Ethernet
> port and it connects to the ritter in bridge mode.
>
>
>> MAC filtering and SSID hiding is not security. At best it's a form
>> of authentication which is not the same thing. Any sniffer will
>> reveal that information (instantly).
>>
>> And as you have experienced Bryan, hiding SSID can cause
>> compatibility issues with some devices. I do use MAC filtering
>> mainly to prevent the drive-by associations, however.
>>
>> --am
>>
>>
> I seem to do OK with the SSID off. Again, the Mac refused to play
> friendly, but it is the only one. I know that disabling the SSID and
> mac filtering isn't security, it's just another road block. If someone
> stumbles across my network, I hope to have enough things in play to
> make them want to move on to the next. My best guess is that if
> someone really wants into my network, the SSID and mac filtering can
> be overcome in minutes. And WPA has recently been cracked as well.
> That is the reason I have been planning on moving my ritter to the
> blue interface of the IPCop machine. I was thinking that if they got
> onto my wireless network and it is on the blue, they would still have
> the IPCop box to deal with. Is my thinking correct? I don't know
> enough about the blue interface to know, but if all it does is provide
> mac filtering for the machines, then that doesn't provide any further
> security.
>
> - --Hank
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJSPFSBEC44ZbTPXERAvHIAJ9QzDLkOMXtmFp1nc4GV/H5EU+BkACglDSN
> uGg+vpxGLOl9V61V8bYxmJ8=
> =GyfN
> -----END PGP SIGNATURE-----
>
>
>
ssid hiding is a false sense of security as the ssid has to be
transmitted in the clear as part of the initial connection handshake.
There's no way around it so you never tru7ly do hide it.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
Leaplist mailing list
Leaplist at leap-cf.org
http://lists.leap-cf.org/mailman/listinfo/leaplist
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Leaplist
mailing list