Tim wrote:
Tim:
Not broadcasting your SSID does *NOT* give you any security, in any way
whatsoever, it's a fallacy. Hackers and nuisances can still mess with
you when you're not broadcasting it. All that does is give you
networking problems to work around.
Bill Davidsen:
I'm not sure I follow here, while a serious hacker probably has tools to
determine how to connect without knowing the SSID, it stops wannabes who
don't have some tool and are likely to continue on to something easier.
Read what I said again. It's a COMPLETE FALLACY. There is NO security
benefit WHATSOEVER in hiding the SSID. It's zero worth, pointless, and
it makes people waste their time with this sort of crap:
As for networking problems, a step approach certainly seems to avoid them.
- using a dummy SSID, broadcast it and make a connection
- stop broadcasting, reboot everything, make a connection
- change the SSID at both ends, reboot everything, make a connection
People insist on doing stupid things like this, breaking networking,
then come up with daft extra steps to restore it. When they should just
have done things properly, in the first place.
It's as stupid as believing that unscrewing the house numbers from the
front of your house magically protects you from being burgled. Oh look,
they don't know that we're number seven. They'll be less inclined to
burgle us...
It's a load of crap. This is computing. It's hard facts. It's not
magic. There's no place for superstition.
Broadcast your SSID.
I always believe that making every step of a possible intrusion as hard
as possible reduces the number of attempts at the next step.
It doesn't make it the slightest bit hard. My computer finds networks
without an SSID being broadcast. They're harder to work out which is
the right network to use, only in as much as you've got to try them all
out one by one. But they're listed, and selectable.
Amazing how your words agree with me while your tone says you don't. You
agree that it makes it harder to connect, and seem to see no benefit to
making an AP less inviting. Any step to make access even a little harder
or less appealing will deflect some portion of the hackers who are
looking for an easy target.
Call it the Zebra principle: to survive, the zebra doesn't have to outrun
the lion, just one slower zebra. Most monkeys pick the lowest hanging fruit.
Since I have a router which does WEP only, my connection to the firewall
accepts only packets to the OpenVPN server which handles the real
connections. Probably as secure as WPA and avoids having to update a few
old machines. Since non-trusted connections are used on the road,
OpenVPN is on every machine anyway.
Decent encryption and other traffic flow control techniques are the only
way to go (e.g. tunnelling, encrypted logon credentials, etc.). Though
you have to be careful you don't fall into the trap of thinking that
only this device can talk to that device because you've used MAC or IP
filtering. All of those things can be changed at will.
--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot