gabriel rosenkoetter on 1 Oct 2007 20:20:24 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Experience with Verizon FIOS & wireless installation


At 2007-10-01 00:55 -0400, Brian Vagnoni <bvagnoni@v-system.net> wrote:
> It's all broken WEP, WPA ..etc. I've seen hack videos for both,
> and cracked both myself. Aircrack-ng can crack wep and wpa in
> minutes. Non-broadcasting SSID's are a joke. You still transmit
> beacon frames and if you listen long enough you will get the SSID.

Um. Or you could choose to leave the wireless network open
(potentially, segregated from internal systems you'd rather not
have facing the outside world) as a friendly neighbor.

I don't understand when it became a bad idea to share ones Internet
connection on purpose. I do understand why it's inadvisable for the
technically less-literate, but folks around here ought to be able to
secure their networks sufficiently and even rate-limit unknown
wireless users. Forward-thinking ISPs (Speakeasy, for example) even
encourage their users to do this and help them publicize the location
of their wireless access points to other customers.

If you're concerned that someone will funnel spam through your
connection, then don't permit SMTP outbound except through your mail
server and configure SMTP/TLS. If you're concerned that people will
kill your bandwidth with large downloads, I've found that it's
actually reasonable to be reactive, rather than proactive, and ban
abusive MAC addresses explicitly rather than limit connectivity.

I've always maintained a publicly accessible access point, and I've
only had a problem a couple of times (solved by banning the MAC
address). Most people just want to check their mail and so forth,
and even regular-user neighbors tend to ask (eventually).

Being open (and neighborly) is not mutually exclusive with keeping
your own systems secure.

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpppFVZYDri6.pgp
Description: PGP signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug