> Message: 6 > From: "David G. Miller" <dave@xxxxxxxxxxxxx> > One reason I ended up running network cable to most of the rooms of our > house was the trouble I had trying to get a friend's laptop to connect > to my AP (it's also nice to have a gigabit LAN through the house). If I > have trouble getting a system to connect and I have full access and know > "everything", it should at least be fairly difficult for someone who > doesn't have such access and knowledge. > > I run WEP (will probably go to WPA when I find time to diddle with > setting it up), filter MACs and don't broadcast ESSID. I know that > theoretically this set up isn't absolutely secure but I'm guessing I've > raised the bar high enough that I'll keep the script kiddies, access > scofflaws and all but the really serious crackers out. Also, a quick > scan of the APs in the neighborhood indicates there are several that are > much easier to crack (or just use). > > Cheers, > Dave Not long ago, I shared similar view-- for home use, minimal security should be "Good enough". Two things changed my mind: First, I was doing research for a paper on the current state of wireless security and was shocked at how many security flaws existed in the early wireless protocols. For example, I can determine your WEP key and SSID by passively listening to your network. This can be done with freely downloaded code. Changing one's MAC address (to match your filters) has been available for years and doesn't require any additional software. Second, we were talking about this topic and one of my friends told me his neighbor had been named in a lawsuit over theft of digital music (Sony was suing him). Turns out that the neighbor hadn't done anything illegal, but someone had been using (stealing) his home WiFi network to download music.... took him a while (and $$$) to prove he was innocent. Do a Google search on "War driving"-- it's becoming a popular hobby... --- Cris -- Cristopher J. Rhea Mayo Foundation Research Computing Facility Pavilion 2-25 crhea@xxxxxxxx Rochester, MN 55905 (507) 284-0587 Fax: (507) 284-5231
