[Leaplist] an ipcop question

[Hank Lambert]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Oh I know it's easy to get; Kismet or Net Stumbler on the windows side
will display it. Like I said, it's just 1 of many things I do to try
an ward off the drive bys. I turn SSID on when adding a new device and
then turn it back off after the connection is established.

Same with mac address filtering. It's super easy to get the mac
address of wireless devices, and then spoof those addresses to get
past the filtering. But I figure that if I add more layers, then the
casual drive-by looking for free Internet access will keep going. But
even with WPA, if the right person wants in bad enough, they will get in.

- --Hank


tony_l_turner at yahoo.com wrote:
> Kismet can still find it even if you turn off SSID. If you are having
issues with devices that can't connect with it off you can turn it on,
initiate the connection and then once your adapter has "learned" the
connection you can often turn it back off and they will work after that
using those saved parameters.
> Sent from my Verizon Wireless BlackBerry
>
> -----Original Message-----
> From: William Warren <hescominsoon at emmanuelcomputerconsulting.com>
>
> Date: Wed, 17 Dec 2008 08:48:38
> To: This is the Leap Main List<leaplist at leap-cf.org>
> Subject: Re: [Leaplist] an ipcop question
>
>
> Hank Lambert wrote:
>
>
> Aaron Morrison wrote:
> 
> >>> WPA with RC4 (the default) is generally good enough given a good
> >>> pass phrase (pre-shared key).  As a side note, AES takes more
> >>> computational power to generate the keys, so not all devices can
> >>> keep up.
> >>>    
> I use WPA with AES, TKIP is too insecure. The only device I have that
> has problems with AES is my Mac G4, so I stuck a WAP on it's Ethernet
> port and it connects to the ritter in bridge mode.
>
> 
> >>> MAC filtering and SSID hiding is not security.  At best it's a form
> >>> of authentication which is not the same thing.  Any sniffer will
> >>> reveal that information (instantly).
> >>>
> >>> And as you have experienced Bryan, hiding SSID can cause
> >>> compatibility issues with some devices.  I do use MAC filtering
> >>> mainly to prevent the drive-by associations, however.
> >>>
> >>> --am
> >>>
> >>>    
> I seem to do OK with the SSID off. Again, the Mac refused to play
> friendly, but it is the only one. I know that disabling the SSID and
> mac filtering isn't security, it's just another road block. If someone
> stumbles across my network, I hope to have enough things in play to
> make them want to move on to the next. My best guess is that if
> someone really wants into my network, the SSID and mac filtering can
> be overcome in minutes. And WPA has recently been cracked as well.
> That is the reason I have been planning on moving my ritter to the
> blue interface of the IPCop machine. I was thinking that if they got
> onto my wireless network and it is on the blue, they would still have
> the IPCop box to deal with. Is my thinking correct? I don't know
> enough about the blue interface to know, but if all it does is provide
> mac filtering for the machines, then that doesn't provide any further
> security.
>
> --Hank
>
>>
>>

> ssid hiding is a false sense of security as the ssid has to be
> transmitted in the clear as part of the initial connection handshake. 
> There's no way around it so you never tru7ly do hide it.


> -------------------------

> _______________________________________________
> Leaplist mailing list
> Leaplist at leap-cf.org
> http://lists.leap-cf.org/mailman/listinfo/leaplist
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJSU2WBEC44ZbTPXERAv/mAJ9N6rmVXSGm8FocV/ySBx1v/vODVQCgmBK9
96tTR8IynX6DNqjAJAtjnoM=
=ear1
-----END PGP SIGNATURE-----


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.