Wireless security (was linux on odd devices)
Jason Spatafore
jason_online at spatafore.net
Sat Nov 14 15:55:19 MST 2009
On Sat, 2009-11-14 at 14:52 -0500, Steven A. DuChene wrote:
> The whole concept of "wireless encryption security" is
> somewhat moot with airdump-ng etc tools.
>
>
> WEP keys are really easy to break.
>
> WPA is also easily encroached - but harder with a truely
> unique secure key (which few people use)
>
>
> It just exists as part of the big "security" matrix to keep
> the honest people out. Crackers can get right in anyway!
I read through that and thought...not really a joke.
When you look through it, there's a lot of "if you can do this" and "if
you can do that". The simple solution for routers would be to
kill/ignore signals from any system after 3 failed login attempts for a
specified time out period...just like you do on SSH. Yes, you can change
the source MAC...and, yes, you would get 3 packets, get shut out..and
would have to keep changing the MAC which would, in turn, just take
longer...eventually, the cracker gets bored and looks for the easier
target...as always...and just does a DoS attack because that's all they
can really do in the end.
I'm pretty sure a firmware update (probably forthcoming) can handle that
aspect.
And, in the end, we *all* know there is no such thing as perfect
security, just like there is no such thing as a perfect deck of cards in
"Magic: The Gathering" or a perfect character in DnD.
I mean, go ahead, set up a wired network...what's to keep me tapping
into your wall, hooking up a digital signaling device, and using that to
hack your now unsecured network? I'm betting you wouldn't run your
cables securely...and, if you did, who says I can't get past that?
It's the same argument over and over again. :) It's all about whether or
not the cracker is determined and whether or not they really desire to
break the law.
More information about the PLUG-discuss
mailing list