F-13 new wireless routers -

James McKenzie jjmckenzie51 at earthlink.net
Sun Aug 15 02:43:32 UTC 2010

Wolfgang S. Rupprecht wrote:
> Bill Davidsen <davidsen at tmr.com> writes:
>> Wolfgang S. Rupprecht wrote:
>>> Bob Goodwin <bobgoodwin at wildblue.net> writes:
>>>>     Yes  I have been running WEP 'cause I have one old device that can
>>>>     do no more than that, and I usually admit only certain [18 or 19]
>>>>     MAC addresses that I have listed. Add to that the fact that I am in
>>>>     a rural area surrounded by cotton and soy beans, the distance to the
>>>>     road is about 200 meters, I don't think LAN security is a major
>>>>     worry. I can't detect any other systems when I scan.
>>> Well, WEP will keep out the casual person looking for an open wifi.  To
>>> be honest, I think that is good enough unless you have a bored and
>>> highly talented kid living next door.
>> I live across the street from a college. My security is better than theirs, 
>> thankfully.
> Reminds me of the joke about the two hikers preparing for a bear
> encounter.  One hiker is removing his hiking boots and putting on
> sneakers.  The other points out how useless this is because you can't
> outrun a bear.  The first retorts, "I don't have to outrun the bear I
> only have to outrun you."  In the same vein, you don't need great
> security, you just need something better than the school next door. ;-)
> Personally, I still believe in WPA2-only with CCMP-only and hex
> passwords pulled from /dev/random.  It's not that much more work to set
> up that way and give the attackers something very substantial to chew
> on.
Sort of like why there are locks on wooden doors.  Keeps the honest ones 
out.  The shotgun deals with the rest (and 10 gauges are really LOUD and 
do a good job of blowing a 200 lb person out into the street.)  That is 
what happens when some folks hit a few of the systems that I worked on.  
One of the 'Honey Pots' had a time bomb download.  If you were running 
WinBlows you got a shock about 14 days later.....(and a completely dead 
system to boot if you had flash eeproms in your hard 
drives/motherboard.)  After that, the number of attacks dropped 
greatly.  BTW, the file had nothing in it to point back to where it came 
from :)

Of course, after legal advice, the file was pulled and replaced with a 
nicer file.

Securing Wireless is like damming a river.  Works well until you get a 
flood, then all bets are off.

James McKenzie

More information about the users mailing list