On 08/14/2010 08:19 PM, James McKenzie wrote:
> JD wrote:
>> On 08/14/2010 07:43 PM, James McKenzie wrote:
>>
>>> Wolfgang S. Rupprecht wrote:
>>>
>>>> Bill Davidsen<david...@tmr.com> writes:
>>>>
>>>>
>>>>> Wolfgang S. Rupprecht wrote:
>>>>>
>>>>>
>>>>>> Bob Goodwin<bobgood...@wildblue.net> writes:
>>>>>>
>>>>>>
>>>>>>> Yes I have been running WEP 'cause I have one old device that can
>>>>>>> do no more than that, and I usually admit only certain [18 or 19]
>>>>>>> MAC addresses that I have listed. Add to that the fact that I am
>>>>>>> in
>>>>>>> a rural area surrounded by cotton and soy beans, the distance to
>>>>>>> the
>>>>>>> road is about 200 meters, I don't think LAN security is a major
>>>>>>> worry. I can't detect any other systems when I scan.
>>>>>>>
>>>>>>>
>>>>>> Well, WEP will keep out the casual person looking for an open wifi. To
>>>>>> be honest, I think that is good enough unless you have a bored and
>>>>>> highly talented kid living next door.
>>>>>>
>>>>>>
>>>>> I live across the street from a college. My security is better than
>>>>> theirs,
>>>>> thankfully.
>>>>>
>>>>>
>>>> Reminds me of the joke about the two hikers preparing for a bear
>>>> encounter. One hiker is removing his hiking boots and putting on
>>>> sneakers. The other points out how useless this is because you can't
>>>> outrun a bear. The first retorts, "I don't have to outrun the bear I
>>>> only have to outrun you." In the same vein, you don't need great
>>>> security, you just need something better than the school next door. ;-)
>>>>
>>>> Personally, I still believe in WPA2-only with CCMP-only and hex
>>>> passwords pulled from /dev/random. It's not that much more work to set
>>>> up that way and give the attackers something very substantial to chew
>>>> on.
>>>>
>>>>
>>>>
>>> Sort of like why there are locks on wooden doors. Keeps the honest ones
>>> out. The shotgun deals with the rest (and 10 gauges are really LOUD and
>>> do a good job of blowing a 200 lb person out into the street.) That is
>>> what happens when some folks hit a few of the systems that I worked on.
>>> One of the 'Honey Pots' had a time bomb download. If you were running
>>> WinBlows you got a shock about 14 days later.....(and a completely dead
>>> system to boot if you had flash eeproms in your hard
>>> drives/motherboard.) After that, the number of attacks dropped
>>> greatly. BTW, the file had nothing in it to point back to where it came
>>> from :)
>>>
>>> Of course, after legal advice, the file was pulled and replaced with a
>>> nicer file.
>>>
>>> Securing Wireless is like damming a river. Works well until you get a
>>> flood, then all bets are off.
>>>
>>> James McKenzie
>>>
>>>
>> Actually, it is impossible to secure wireless. That's because the
>> publicly available crypto systems being used were deliberately
>> designed to be broken in real time by parties with very keen
>> interest in such ability. The how of such methods of course remain
>> in the sole domain of the keenly interested parties :)
>>
> If you own a Cray, you can do wonderous things (there is one at NSA and
> one at the Russian equivalent.) Otherwise, it will take years
> (distributed.net is still trying to break 3DES3EDE.)
>
> James McKenzie
>
Of course, by "keenly interested parties", I do not mean such visible
and public organizations as distributed.net. 'nough said :)
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
