Wireless security (was linux on odd devices)

Sat Nov 14 15:55:19 MST 2009

On Sat, 2009-11-14 at 14:52 -0500, Steven A. DuChene wrote:
>         The whole concept of "wireless encryption security" is
>         somewhat moot with airdump-ng etc tools. 
>         
>         
>         WEP keys are really easy to break.
>         
>         WPA is also easily encroached - but harder with a truely
>         unique secure key (which few people use)
>         
>         
>         It just exists as part of the big "security" matrix to keep
>         the honest people out.  Crackers can get right in anyway!

I read through that and thought...not really a joke. 

When you look through it, there's a lot of "if you can do this" and "if
you can do that". The simple solution for routers would be to
kill/ignore signals from any system after 3 failed login attempts for a
specified time out period...just like you do on SSH. Yes, you can change
the source MAC...and, yes, you would get 3 packets, get shut out..and
would have to keep changing the MAC which would, in turn, just take
longer...eventually, the cracker gets bored and looks for the easier
target...as always...and just does a DoS attack because that's all they
can really do in the end.

I'm pretty sure a firmware update (probably forthcoming) can handle that
aspect. 

And, in the end, we *all* know there is no such thing as perfect
security, just like there is no such thing as a perfect deck of cards in
"Magic: The Gathering" or a perfect character in DnD.

I mean, go ahead, set up a wired network...what's to keep me tapping
into your wall, hooking up a digital signaling device, and using that to
hack your now unsecured network? I'm betting you wouldn't run your
cables securely...and, if you did, who says I can't get past that?

It's the same argument over and over again. :) It's all about whether or
not the cracker is determined and whether or not they really desire to
break the law.