Re: Protected WLAN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tuesday 17 May 2011 20:15:24 James McKenzie wrote:
> On Tue, May 17, 2011 at 11:35 AM, Michael Cronenworth <mike@xxxxxxxxxx> 
wrote:
> > James, why are you attempting to justify this pointless, unsecure,
> > method of wireless configuration?
> > 
> > SSID hiding is *not* secure. It is *not* a deterrent. Security through
> > obscurity is *not* security.
> 
> Want to bet?  By hiding stuff in plain sight? It works.  It's called
> Stegronagraphy.  If I camoflague myself and hid in a bunch of bushes,
> I'm betting you won't find me.  That is what we are doing when we hide
> the ssid.
> Again, it is a DETERANT, not an absolute method.
> If I turn off the ssid, your job just got harder.

No, it didn't get harder. Mind you, nobody ever tries to crack into a wireless 
network by trying to connect and guessing passwords manually through the OS's 
user interface. That's utterly impossible. Rather, the cracker uses some 
ready-made software to crack in.

This software will simply "see" both the hidden and public SSID's on equal 
footing, along with MAC addresses of already-connected clients (I already 
mentioned a typical example of airodump-ng, which is in the aircrack-ng 
package in the Fedora repo, feel free to try it out).

It is literally *ZERO* effort to find out both hidden SSID's and allowed MAC 
addresses. And it is all public information, that you can read off the screen 
of your laptop, just by being in the area covered by the signal from the 
access-point. There is absolutely no security there, and it is not even a 
deterant.

Btw, you are not camoflaging yourself and hiding in the bushes, you are 
camouflaging yourself and remaining in plain sight on the street. Doing that 
will only attract even more attention from the knowhow-crackers.

Best, :-)
Marko


-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux