On 08/14/2010 08:19 PM, James McKenzie wrote: > JD wrote: >> On 08/14/2010 07:43 PM, James McKenzie wrote: >> >>> Wolfgang S. Rupprecht wrote: >>> >>>> Bill Davidsen<davidsen@xxxxxxx> writes: >>>> >>>> >>>>> Wolfgang S. Rupprecht wrote: >>>>> >>>>> >>>>>> Bob Goodwin<bobgoodwin@xxxxxxxxxxxx> writes: >>>>>> >>>>>> >>>>>>> Yes I have been running WEP 'cause I have one old device that can >>>>>>> do no more than that, and I usually admit only certain [18 or 19] >>>>>>> MAC addresses that I have listed. Add to that the fact that I am in >>>>>>> a rural area surrounded by cotton and soy beans, the distance to the >>>>>>> road is about 200 meters, I don't think LAN security is a major >>>>>>> worry. I can't detect any other systems when I scan. >>>>>>> >>>>>>> >>>>>> Well, WEP will keep out the casual person looking for an open wifi. To >>>>>> be honest, I think that is good enough unless you have a bored and >>>>>> highly talented kid living next door. >>>>>> >>>>>> >>>>> I live across the street from a college. My security is better than theirs, >>>>> thankfully. >>>>> >>>>> >>>> Reminds me of the joke about the two hikers preparing for a bear >>>> encounter. One hiker is removing his hiking boots and putting on >>>> sneakers. The other points out how useless this is because you can't >>>> outrun a bear. The first retorts, "I don't have to outrun the bear I >>>> only have to outrun you." In the same vein, you don't need great >>>> security, you just need something better than the school next door. ;-) >>>> >>>> Personally, I still believe in WPA2-only with CCMP-only and hex >>>> passwords pulled from /dev/random. It's not that much more work to set >>>> up that way and give the attackers something very substantial to chew >>>> on. >>>> >>>> >>>> >>> Sort of like why there are locks on wooden doors. Keeps the honest ones >>> out. The shotgun deals with the rest (and 10 gauges are really LOUD and >>> do a good job of blowing a 200 lb person out into the street.) That is >>> what happens when some folks hit a few of the systems that I worked on. >>> One of the 'Honey Pots' had a time bomb download. If you were running >>> WinBlows you got a shock about 14 days later.....(and a completely dead >>> system to boot if you had flash eeproms in your hard >>> drives/motherboard.) After that, the number of attacks dropped >>> greatly. BTW, the file had nothing in it to point back to where it came >>> from :) >>> >>> Of course, after legal advice, the file was pulled and replaced with a >>> nicer file. >>> >>> Securing Wireless is like damming a river. Works well until you get a >>> flood, then all bets are off. >>> >>> James McKenzie >>> >>> >> Actually, it is impossible to secure wireless. That's because the >> publicly available crypto systems being used were deliberately >> designed to be broken in real time by parties with very keen >> interest in such ability. The how of such methods of course remain >> in the sole domain of the keenly interested parties :) >> > If you own a Cray, you can do wonderous things (there is one at NSA and > one at the Russian equivalent.) Otherwise, it will take years > (distributed.net is still trying to break 3DES3EDE.) > > James McKenzie > Of course, by "keenly interested parties", I do not mean such visible and public organizations as distributed.net. 'nough said :) -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
