On Tue, 2011-05-17 at 17:36 +0100, Frank Murphy wrote: > Also if it's your home wLan, hide it, don't broadcast the ssid. > So those in your neighbourhood won't even know you have a wireless. Completely pointless: Your device is transmitting something, this is detectable. And it does so several times a second (i.e. it's continual). The SSID is only one of the names being transmitted. There's other identifying data that isn't usually displayed to most users. So hiding it is certainly not making it anonymous. Various computers will actually list your allegedly *hidden* device as an "unnamed" access point, so it's not even hidden. Certainly the numerous programs prepared to "hack your neighbours" applications downloadable for the completely clueless will. It does nothing to prevent anyone getting into your network when they really want to. There's no hacking involved in getting past the unnamed access point. Actually causes problems: Various devices find it harder to purposely connect to it, or more to the point, /you/ may find it more difficult. You have to type thing in, instead of it being presented on a list. You have to differentiate between your access point and someone else's. The SSID is part of the data your computer uses for it to pick the right access point to associate with. It gets worse when you and your neighbours all play the faux hidden wireless network game, so you have more difficulty picking the right network. And even more fun debugging problems when more than one of you is on the same channel, or left the default manufacturer's SSID in place and hid that (when you both have the same access point). Trying to hide it makes you an even more interesting target to the wannabe hackers. Seriously, it's a dumb idea. Monkey see, monkey do. You're a monkey. And while I'm shooting dumb ideas down in flames... MAC filtering is useless as a security measure, and can be a pain in the neck for yourself trying to get things working. It can't force someone to be unable to connect, but it can make it awkward for you, making you have to reset things to allow your computer when you make mistakes, or want to connect a different NIC. WEP security is useless. WPA (1) security is useless. With WPA2 use *only* AES out of the AES/TKIP choices. That means AES by itself. Not TKIP. Nor TKIP and AES as a combination. And for the PSK/EAP choice, you'll probably only be able to use PSK. I seem to recall that EAP was another bad choice, but you'll need to research that. Password length and wierdness increases security. You're less likely to be hacked by lucky guesses if you don't have plain words in there. Certainly don't use real names, phone numbers, birthdates, or anything else that's easy for someone else to find out about you. NB: Regarding another posting about using foreign words, the password is either ASCII or HEX. So UTF, or other encodings, are out of the question. But if you can write the word using ASCII, you can enter it. Having an unsecured net is sheer stupidity. You might think what the hell, I've nothing to lose... Well, the moment someone does something illegal through your network you're in for some legal fun and games that you really don't want to be bothered with. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
