Re: wpa encryption of wireless network how to?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tim wrote:
On Tue, 2008-02-12 at 23:08 +0100, Jan Brosius wrote:
I also had the impression that I got connected more quickly if I let
my router broadcast its SSID.

If you don't broadcast your SSID, it's harder to work out which access
point your hardware should be connecting to, and software doesn't have
an ID to reference which bits of information go together (e.g. this
access point with that password, and so on).

If you do broadcast your SSID, you can easily find your access point on
a list, and connect to your own access point rather than your
neighbours.  Your neighbours can easily tell which is theirs instead of
yours, and use the right one.

Not broadcasting your SSID does *NOT* give you any security, in any way
whatsoever, it's a fallacy.  Hackers and nuisances can still mess with
you when you're not broadcasting it.  All that does is give you
networking problems to work around.

I'm not sure I follow here, while a serious hacker probably has tools to determine how to connect without knowing the SSID, it stops wannabes who don't have some tool and are likely to continue on to something easier.

As for networking problems, a step approach certainly seems to avoid them.
- using a dummy SSID, broadcast it and make a connection
- stop broadcasting, reboot everything, make a connection
- change the SSID at both ends, reboot everything, make a connection

I've had consistent success with these steps, the 2nd step only seems to fail if there are router firmware issues, and you really want those fixed anyway.

Broadcast your SSID.  Set it as something that you can easily see as
being your access point.  Follow whatever rules there are for using the
right characters (if you're not supposed to use blank spaces,
underlines, or something else, then don't use them).  If you can't find
rules pointing them out, then the simplest thing to do would be just use
ASCII letters and numbers.

I always believe that making every step of a possible intrusion as hard as possible reduces the number of attempts at the next step.

Since I have a router which does WEP only, my connection to the firewall accepts only packets to the OpenVPN server which handles the real connections. Probably as secure as WPA and avoids having to update a few old machines. Since non-trusted connections are used on the road, OpenVPN is on every machine anyway.

Feel free to comment on any of this if you feel that there's a better way within reasonable time and budget limits.

--
Bill Davidsen <davidsen@xxxxxxx>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux