|
|
|||||||
| Register | Search | Today's Posts | Mark Forums Read |
 |
|
|
LinkBack | Thread Tools | Display Modes |
07-19-2002
|
#1 (permalink) |
|
Do I look like I'm joking
Join Date: Apr 2002
Location: SoCal, OC
Posts: 4,507
|
Wireless Security Blackpaper
Wireless Security Blackpaper
http://arstechnica.com/paedia/w/wire...ecurity-1.html [PDF] http://arstechnica.com/etc/pdf/pdf-warning.html from: Slashdot'sDevelopers: 802.1X Security Overview http://developers.slashdot.org/devel....shtml?tid=172
__________________
-=BW=- |
|
|
|
07-19-2002
|
#2 (permalink) |
|
Squaaawk! WiFi! WiFi!
Join Date: Apr 2002
Location: Tinsel Town
Posts: 1,682
|
it's already been posted to the main NS site:
http://www.netstumbler.com/article.p...rder=0&thold=0 anyone have the PDF?
__________________
~lincomatic |
|
|
|
|
07-19-2002
|
#3 (permalink) | ||
|
Do I look like I'm joking
Join Date: Apr 2002
Location: SoCal, OC
Posts: 4,507
|
Quote:
 This is the main site as far as I am concerned  Quote:
What is the meaning/genesis of your nick?: Beerology/Heatware Profile:
__________________
-=BW=- Last edited by blackwave : 07-19-2002 at 03:07 PM. |
||
|
|
|
|
07-20-2002
|
#4 (permalink) |
|
Registered Member
Join Date: Apr 2002
Location: Michigan
Posts: 199
|
Blackwave,
In regards to a section in the link you posted...Authentication Type shared key authentication vs. open authentication To my knowledge, and especially after reading that link, open authentication is really the way to go huh? "The weakness with this particular method (shared key authentication) is in the clear text transmission of the challenge string. By passively listening to the conversation, an attacker can obtain two of the three variables in the authentication equation; the clear text challenge string and what the challenge string looks like after it has been encrypted. By plugging these values into the RC4 equations, the attacker can easily solve for the shared authentication key. Furthermore, because the same keys are used for shared key authentication and WEP, when you use shared key authentication and it is compromised you have had your WEP keys compromised as well, meaning that an intruder could then decipher all traffic to and from the AP point and its clients. Ironically, the most secure setting of this feature is 'open authentication', allowing anyone to associate with your access points, and relying on other methods to handle security." So why is my linksys AP using BOTH? Should I set it specifically to open? Sh00t3r |
|
|
|
|
07-20-2002
|
#5 (permalink) | |
|
Do I look like I'm joking
Join Date: Apr 2002
Location: SoCal, OC
Posts: 4,507
|
Quote:
Security is just a method to slow attackers down that have intent to enter areas that are not meant as public. Some measure of obscurity if often better than none because it is unknown to the capability of your attacker. For example if the attacker is unskilled, they may move on to simpler targets. If the attacker is unskilled, yet using a script written to attack your configuration specifically, well then better make sure your configuration is not set to any defaults, and is as unique as possible which may foul the script, and then they would move on. By relying on the design of the boxes created by the manufacturers we are soley trusting that those guys had some brains to allow for changes, such as firmware updates. On top of making your system unique after you pull it from the box, be sure to upgrade to the latest firmware, software from the site. This is pretty much all one can do that is within control of the end-user. 1. I would think that both have been set on for default for simpler configuration for dumb users. Personally I would set mine to use whatever security offered, as per the reasonings above. 2. Though also I would make sure that anything I would be putting on air to be via vpn tunnel for extra measures of security, as well as locking down the AP/Router as best as possible. 3. Anything going over the air should not be any type of sensitive data. I would not be too concerned over any normal internet usage such as buying something online, most connections are using ssl, which add a little bit more security. 4. Also make sure your schema is secure, your os hardened, your email applications hardened, as well as anything else used on said system... it certainly does not help to have all this security, and be running a hot version of kazaa... I hate seeing this type of gaping hole on user's networks... 5. By making your target more difficult to penetrate, the chances are more likely that the attacker will either: a. more to a simpler target. b. find another method of penetration, such as dumpster diving, social engineering, etc... 6. Lastly, if someone wants to get in bad enough at all costs, they most probably will in one form or another.
__________________
-=BW=- |
|
|
|
|
|
07-21-2002
|
#6 (permalink) |
|
Registered Member
Join Date: Apr 2002
Location: Michigan
Posts: 199
|
Great post blackwave,
If my brain wasn't toasted from last nights "social activities" I'd love to reply with an intuitive opinion on default security. But seeing i can barely type i'm going to refrain. Maybe later lol. |
|
|
|
|
07-21-2002
|
#7 (permalink) | |
|
Squaaawk! WiFi! WiFi!
Join Date: Apr 2002
Location: Tinsel Town
Posts: 1,682
|
Quote:
__________________
~lincomatic |
|
|
|
|
|
07-21-2002
|
#9 (permalink) |
|
Here To Serve You
Join Date: Jul 2001
Location: http://www.awayfromreality.com
Posts: 207
|
Doh
Sorry guys, the link to that article doesnt work anymore because of a problem backing up the main site. We only lost like 2 new stories, but the newer ones up there are even better.
-aFR |
|
|
|
|
07-22-2002
|
#11 (permalink) | |
|
Do I look like I'm joking
Join Date: Apr 2002
Location: SoCal, OC
Posts: 4,507
|
Quote:
The link stated here still functions.
__________________
-=BW=- |
|
|
|
|
Linear Mode
