Re: Intruder in my wireless network? / intrusion detection programs

In article <zE19g.87211$eR6.8859@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>, John Navas <spamfilter0@xxxxxxxxxxxxxx> wrote:
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

In <da3dj3-t27.ln1@xxxxxxxxxxxxxxxxxxx> on Thu, 11 May 2006 22:00:28 -0300,
Derek Broughton <news@xxxxxxxxxxxxxx> wrote:

Rico wrote:

The sun could explode also, what are you doing about that?

That's somewhat like saying, we're all going to die anyway, and the risk is
low, so why not smoke? Or not wear a seatbelt.

And yet, we can easily find links showing where smoking or not wearing
seatbelts leads to early demise, but not a breached home network with just
a modicome of security enabled (WAP).

Let's leave off the logical fallacies. I can't do anything about the sun
exploding (though there is a prof. in California who's working on the
problem) while I _can_ do something about wireless network hacking.

Indeed, and it's not terribly hard, so not doing it makes no sense.

And yet, you can't show wher ethis has ever happened can you. Using the
dogs name or the word cat or even a single letter.

Actually, (a) you never asked for examples where it had happened to me or
anyone else on the group, and (b) you didn't ask _me_ to provide
citations - you asked John. I can, in fact, say it _hasn't_ happened to me.

That's hard, if not impossible, to say with any real certainty -- experts
agree that the great majority of intrusions go undetected. Even though my own
security is very robust, I would only say that I don't *think* it's ever
happened to me.

I'm not even very concerned that it _will_ happen to me.

Likewise, but only because I have very robust security.

It's just plain
insane not to take basic precautions - which means a reasonable secure,
non-dictionary, password if you use WPA. I agree that you _don't_ need to
go so far

Since WEP is pretty much worthless, I personally think WPA should always be
used with a strong passphrase. Since takes only a small amount of effort to
generate and use a truly strong passphrase (e.g., seven or more diceware
words), it makes no sense to set the bar lower ("reasonable secure").

Back this up with a single documented instance of even minimal security
being applied to a home network and it being hacked. Not asking for two,
just a single one. The boogie man is not hidden behid the tree in your
back yard.

<http://www.lanarchitect.net/Articles/Wireless/SecurityRating/>:

Level 1: Home and SOHO WLAN security

Unfortunately, many home users are either using some old equipment,
old drivers, or older operating systems that don't natively support
WPA so they are still using WEP if anything at all. WEP encryption
was thought to be good for a week for most light traffic home
wireless networks because the older WEP cracking tools needed 5 to 10
million packets to recover a WEP key, but the newest WEP cracking
techniques can break WEP in minutes. Even if there isn't that much
traffic, the attacker now has ways to artificially generate traffic
and accelerate WEP cracking. Because of this, consumers should avoid
any product that doesn't support WPA TKIP mode at a minimum but
preferably WPA AES capable or WPA2 certified devices. If they have
WEP only devices, check with the vendor to see if there are any
firmware and/or driver updates that will upgrade the device to WPA
mode. If not, anyone who cares about privacy should throw out those
devices. As harsh as that may sound, it is comforting to know that
newer Access Points and Client Adapters that do support WPA can be
purchased for as little as $30. Client side Wireless LAN software
(officially known as Supplicants) also need to be updated to support
WPA or WPA2. Windows XP SP1 with the WPA patch can suffice, but
Windows XP SP2 is highly recommended.


fundamentalism, fundamentally wrong.
.

Relevant Pages

  • Re: Security for Linksys WRT54GX - MAC filtering?
    ... WEP encryption at 128 bit ... I've read something on these groups about MAC filtering for additional security - what is it and what might it be called in the Linksys router setup? ... but WEP is not going to do it for you. ... It has WPA PreShared Key and WPA radius as options other than WEP. ...
    (comp.security.firewalls)
  • Re: Re: allowing access to an orange router
    ... Also, Livebox initially broadcasts both a wep and wpa signal, and negotiates ... and change the security to wep or wpa from wep and wpa. ...
    (uk.telecom.broadband)
  • Re: WEP Encryption Key Length
    ... WEP, even ... It was a very flawed system from a security ... laptop to properly configure WPA. ... It's all a tradeoff, ALL the layers CAN be hacked, even WPA. ...
    (comp.dsp)
  • Re: Intruder in my wireless network? / intrusion detection programs
    ... Since WEP is pretty much worthless, I personally think WPA should always be ... WPA so they are still using WEP if anything at all. ... wireless networks because the older WEP cracking tools needed 5 to 10 ... newer Access Points and Client Adapters that do support WPA can be ...
    (alt.internet.wireless)
  • RE: Cracking WEP and WPA keys
    ... Has anyone tried cracking WEP with a Cisco 1200AP? ... Subject: Re: Cracking WEP and WPA keys ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)