Re: Protected WLAN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2011-05-21 at 20:48 -0500, Mikkel L. Ellertson wrote:
> I like defense in depth - you have to crack the first layer before
> you find out about the second layer. This may even give me time to
> fix the first layer, depending on how long cracking the second layer
> takes.

And therein lay a problem:  Some people assume that cracking through one
layer will take time, and they'll notice it and be able to respond, or
it'll take too long and the miscreant will abort.  The reality is that
it may take no time, and you may never notice.

Any time I see someone saying they turned off their firewall to get
something working, I cringe.  They seem to expect that they'll be fine
doing that, yet were absolutely sure that they needed it on the rest of
the time.

You can get a random attack at any time, and some ISPs will tell you
that they can see continuous sweeps of their IP addresses probing for
something to play with.

It took all of four seconds for a friend of mine to get hacked when he
first logged on with WindowsXP (via a USB ADSL modem, where there's
virtually nothing between modem and computer system).  And what got him
(I can't recall any more, it was years ago) couldn't be removed by his
anti-virus software, so he had to reformat and re-install.  Around an
hour or so later, he reconnected, and got hacked again in just a few
seconds.  I laughed so hard it hurt.

> Actually, the first layer of defense is ... After that, it gets easy -
> you have access to the Internet, and a couple of my printers. Or you
> can go to work on cracking the security of the machines on the
> network.

When my friend first got a laptop he took me out wardriving.  It was
surprising how many unsecured networks were around.  And, now, you have
people with wireless printers that can be directly accessed.  It did
amuse us that it would be possible to print something on their printer,
and they'd never know how or why it printed what it did.

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux