[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] Experience with Verizon FIOS & wireless installation
|
- From: "Brian Stempin" <brian.stempin@gmail.com>
- To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
- Subject: Re: [PLUG] Experience with Verizon FIOS & wireless installation
- Date: Mon, 1 Oct 2007 16:34:47 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=5jvO2DaLX0BMuoOHOXavqPrm0VaQ9frr9KwCJLJZZpM=; b=O7JD6yBZtHW4U9I5PViNvZ5dqtlRcYh+eB/QKk7xqtCQR1aaKLTD+VFa/igbhfDnHiTeyLsQnuZy9I1vafm/1wjez0iZP6zPE9TC53UqrT66lVawEvaeqCIqzh7vDQ1ITjY9T5HFyFPBrCu3lm1gCkdaLkZZoJ5H2UJ2hUOjpEk=
- Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
- Sender: plug-bounces@lists.phillylinux.org
Being open (and neighborly) is not mutually exclusive with keeping your own systems secure.
In a case like this, it's a question of liability and not of security.
Once upon a time while I was in High School, a group of peers approached me and asked me how to make certain transactions totally anonymous. The first thing that came to mind was to (a) fake my MAC address, and (b) War-Drive until I found someone with an open WAP that I could leech off of. This means that if I were to cause some sort of trouble (ie, downloading kidde porn, hacking, etc) the logs would show the IP address of the open WAP. Sure, they probably will most likely escape some sort of conviction, but being charged with something like that is a huge burden. Even being investigated for something like that without being charged is still a pain. They just went from an open neighbor to a victim over-night.
Sorry, but I'm not open enough to allow someone to expose me to that type of hardship.
On 10/1/07, gabriel rosenkoetter <
gr@eclipsed.net> wrote:At 2007-10-01 00:55 -0400, Brian Vagnoni <
bvagnoni@v-system.net> wrote: > It's all broken WEP, WPA ..etc. I've seen hack videos for both, > and cracked both myself. Aircrack-ng can crack wep and wpa in > minutes. Non-broadcasting SSID's are a joke. You still transmit
> beacon frames and if you listen long enough you will get the SSID.
Um. Or you could choose to leave the wireless network open (potentially, segregated from internal systems you'd rather not have facing the outside world) as a friendly neighbor.
I don't understand when it became a bad idea to share ones Internet connection on purpose. I do understand why it's inadvisable for the technically less-literate, but folks around here ought to be able to
secure their networks sufficiently and even rate-limit unknown wireless users. Forward-thinking ISPs (Speakeasy, for example) even encourage their users to do this and help them publicize the location of their wireless access points to other customers.
If you're concerned that someone will funnel spam through your connection, then don't permit SMTP outbound except through your mail server and configure SMTP/TLS. If you're concerned that people will
kill your bandwidth with large downloads, I've found that it's actually reasonable to be reactive, rather than proactive, and ban abusive MAC addresses explicitly rather than limit connectivity.
I've always maintained a publicly accessible access point, and I've
only had a problem a couple of times (solved by banning the MAC address). Most people just want to check their mail and so forth, and even regular-user neighbors tend to ask (eventually).
Being open (and neighborly) is not mutually exclusive with keeping
your own systems secure.
-- gabriel rosenkoetter gr@eclipsed.net
___________________________________________________________________________ Philadelphia Linux Users Group --
http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|