Re: Protected WLAN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, May 17, 2011 at 11:10 AM, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:
> On Tue, 2011-05-17 at 17:36 +0100, Frank Murphy wrote:
>> Also if it's your home wLan, hide it, don't broadcast the ssid.
>> So those in your neighbourhood won't even know you have a wireless.
>
> Completely pointless:
>
>  Your device is transmitting something, this is detectable.  And it
> does so several times a second (i.e. it's continual).
>
True.  Bet you have a lock on every door to your house as well.
Turning off the SSID is a deterent.  Make them go somewhere else.
Same with door locks.  If I want to get into your house, I will.  Even
if it means using TNT.

>  MAC filtering is useless as a security measure, and can be a pain in
> the neck for yourself trying to get things working.  It can't force
> someone to be unable to connect, but it can make it awkward for you,
> making you have to reset things to allow your computer when you make
> mistakes, or want to connect a different NIC.
>
Same thing here.  It will take more 'work'.  Make them go away.


>  With WPA2 use *only* AES out of the AES/TKIP choices.  That means AES
> by itself.  Not TKIP.  Nor TKIP and AES as a combination.  And for the
> PSK/EAP choice, you'll probably only be able to use PSK.  I seem to
> recall that EAP was another bad choice, but you'll need to research
> that.
>
Agreed.

>  Password length and wierdness increases security.  You're less likely
> to be hacked by lucky guesses if you don't have plain words in there.
> Certainly don't use real names, phone numbers, birthdates, or anything
> else that's easy for someone else to find out about you.
>
Yep.  Use a passphrase that is something easy for you to remember, but
hard for others to guess.

Again, make them go away.  Determined criminals will enter your house.
 The common thief will rattle your front door, finding it locked and
go away.

>  NB:  Regarding another posting about using foreign words, the password
> is either ASCII or HEX.  So UTF, or other encodings, are out of the
> question.  But if you can write the word using ASCII, you can enter it.
>
>  Having an unsecured net is sheer stupidity.  You might think what the
> hell, I've nothing to lose...  Well, the moment someone does something
> illegal through your network you're in for some legal fun and games that
> you really don't want to be bothered with.
>
Ask the 83 year old lady in NYC about the child porn case she found
herself involved with.  Was a 25 year old registered sex offender
using a 'friends' computer.  She got her front door broken down and he
got 170 years and had to pay for a new door.

The only places that I know of that have unsecured networks are coffee
shops and maybe the occassional food establishment.  Other than that,
lock the damn door and secure it.  Adding MAC whitelists is but one of
five steps.. We've discussed the other two to the end.

James McKenzie
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux