Re: Protected WLAN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 05/22/11 16:00, Tim wrote:
> Yay!  He's got it...
>
> You do realise what the MAC is for?  It's the name of that particular
> hardware interface, it's address, it's location...  So that when data
> goes out on the wire, that's where it's intended for.
>
> As far as network switches and routers go, it's the way of saying data
> for IP 192.168.1.whatever goes to/through MAC xx:yy:zz:etc.  It's the
> MAC it's using.
>
> It's a vital part of basic networking, whether encrypted or not, it
> can't be hidden from view.
>
> Filtering using it can only ever be slightly effective.  Likewise with
> filtering by IP.  Both are readily seen on a network, even if the data
> can't be read.  And both are easily changed.
>
> Encryption, on the other hand, involves co-relating pseudo-random keys
> on both half of the connection.  Where the key is a computation against
> a pass-phrase, and requires both sides to use the same pass phrase, and
> maths.  A third party is going to have one hell of a time trying to fake
> their way into that, unless the encryption scheme is crap (e.g. WEP and
> WPA are useless).
>
> Usually, well encrypted connections are hacked by:  Guessing stupidly
> chosen passwords or stealing them (copying written notes, implanting
> trojans, asking someone to login to something and hoping they'll use the
> same password).  The latter being dead easy.  Lots of people use the
> same password for everything.  And how often do you see some website
> that asks you to login using your Hotmail address and password?  And
> people do, without giving any thought about it.
>
Is there a tool or set of procedures that can identify
the source of an attack before it succeeds?
It seems to me that the net is really at the mercy of
the  wireless router/gateway. If it does not have/provide
a mechanism to send and alert to a daemon on a specific
machine about attempted break-ins (such as repeated
attempts of guessing the passphrase from some specific
IP address), we will never know of these attempts 'til
much later, or much too late.
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux