Brent Saner on 2 Oct 2007 20:31:55 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Verizon FIOS & open wireless

  • From: "Brent Saner" <brent.saner@gmail.com>
  • To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
  • Subject: Re: [PLUG] Verizon FIOS & open wireless
  • Date: Tue, 2 Oct 2007 16:31:45 -0400
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=59Bq/XCNe9Qji9Gruu5YIm9khWt2fWXoCVn51A4kDGI=; b=U8+mGcw+V7CPy4oviWxHHRujGp0syM+9+70ZnwRp0fsmBvcd99mE2p5vGU6spaieCQl0gEz9Q1BI/PZlSnnebcSV2xPweKHktgV2LWG4ZXYsT453ECc2ttdYf3MrOy5Abd2iLYtYbmt/w5t0kNa0uUmBoC7+1KsBH4QnAhxpE+8=
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org

and i jsut thought about something- MAC spoofing!

might want to turn off all sniffing, etc. inside the proxy. try to honeypot them INTO the proxy.

On 10/2/07, Brent Saner <brent.saner@gmail.com> wrote:
exactly my p.o.v. too, gabe (is "Gabe" okay?).
what you should be worried about is if you run your entire network DMZ- no routing, no firewall, etc. just open to the chinese crackers (and russian, and irish, and african, and canadian, what have you. everyone).

open wireless does not mean insecure access. or even unmitigated access.

if you're concerned about people sending stuff from your ip, make a firewall-box rule- unlisted MACs cannot send/receive on mail (and only a fool would try to use webmail for an attack). nor can they ftp (IMPORTANT), or ssh, or bittorrent protocol, or telnet, or even access the local subnet. that right there pretty much leaves them locked down to just web browsing.

"but what if they go to illegal, etc. sites?"
unlisted MACs are routed through a proxy! (which, come to think, would prolly be a much easier way of doing the above).

yeah, just built a proxybox and route all irregular connections through that.


again, i hate to be the bringer of tough opposition, but you HAVE just been presenting FUD. i'd like to see documented numbers and sources of how many times X happens, how many times Y happens.


oppression isn't the enemy of freedom, fear is. remember that. :)


On 10/2/07, gabriel rosenkoetter < gr@eclipsed.net > wrote:

SNIP

Those sorts of attacks aren't new, nor do they have anything to do
with wireless network security (which inherently requires physical
proximity). Leaving a door open for people walking down my street is
different than leaving one open for all of APNIC. I don't do the
latter. (I don't, really, do the former: being on my open wireless
doesn't put you any closer to my systems.)


--
Brent Saner
215.264.0112(cell)
215.362.7696(residence)

http://www.thenotebookarmy.org



--
Brent Saner
215.264.0112(cell)
215.362.7696(residence)

http://www.thenotebookarmy.org
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug