Log in

No account? Create an account

Previous Entry | Next Entry

more mandatory reading. Read and understand these. That's an order.

If lowes employed WEP, they wouldn't have been put in the position they were to begin with. They became the low lying fruit by trying to follow these myths (although when I connected, long before Adam and Brian, they didn't even employ mac filtering).

I shall deliver a swift kick in the balls to anyone I see implementing these. Seriously.



( 17 comments — Leave a comment )
(Deleted comment)
Jun. 10th, 2005 10:51 pm (UTC)
yea, besides the pain in the ass it generally is, people can also connect to the IPsec gateway and attempt attacks on it. Even if you seal everything off, if your IKE daemon becomes exploitable (or already is), you're still screwed.

I want someone to come up with WPA support for the orinoco stuff. Not because I really like orinoco much anymore, but because my laptop has one built in, and I'd like to switch away from WEP.
(Deleted comment)
(Deleted comment)
Jun. 12th, 2005 08:18 pm (UTC)
Jun. 10th, 2005 11:10 pm (UTC)
I have some pretty tough security implementations.
in the form of about 200' of cat5 ;op

(and if someone walks in and attempts unauthorized network access, in the form of plugging into my router, I have a baseball bat...)

I'm so leet, or something. hehe
(I also have an old-school VCR instead of tivo. weeee)
Jun. 11th, 2005 02:23 am (UTC)
awesome. Your security is perfect.
Jun. 11th, 2005 05:20 pm (UTC)
if the cable is in a compromisable location you're still subject to cutting in, jacking out the two ends, having a switch tossed into the works, and it's the ideal example of a man in the middle attack.
I admit this is a metric assload less likely than some dillweed with a wireless card, but physical security is highly under valued.
(Deleted comment)
Jun. 12th, 2005 04:43 am (UTC)
Bet that was a bugger to pin down.
Personally I wouldn't go to that much expense. A cheap wireless router that has a built in 4 port switch can easily be hidden in a ceiling and having access to an electrical outlet isn't an unreasonable hope.
Jun. 12th, 2005 08:21 pm (UTC)
That's also clever, but when you need a gig, my friend, you need a gig.

Besides, I'll bet if they were using wireless, they'd have found it quickly. I'd be willing to bet that the university in question was running airespace gear, which if I recall correctly, can find rogue wireless gear and triangulate it.
Jun. 12th, 2005 08:19 pm (UTC)
Dude. That's all kinds of hardcore awesome. Do you know if this was a mistake, or intentionally done to avoid detection?
(Deleted comment)
Jun. 13th, 2005 08:59 pm (UTC)
I've heard of that sort of thing (and have seen the directories on those servers), but never knew any of them were in Michigan.
Jun. 11th, 2005 09:24 pm (UTC)
Right, so I should be using WEP, right? I checked and realized I was using WPA-PSK. I have switched over to WEP with 128 bit encryption. I really need to do my homework on this whole wireless shit. This is what I get for getting away from the industry, it's so hard to get back in the know.
Jun. 12th, 2005 08:16 pm (UTC)
No, not at all. WEP is better than nothing, but WPA-PSK (so long as you don't have a shitty password) is WAY, WAY better than WEP.
Jun. 13th, 2005 01:04 am (UTC)
Oh, so I should have stuck with WPA-PSK and my complex pass key?
Jun. 13th, 2005 04:03 am (UTC)
absolutely. you're probably safe as a household at 128 bit WEP (it's what I use), but if all your cards and your AP support WPA-PSK, definitely use it.
(Almost none of my gear supports WPA but my access point, so I can't use it)
Jun. 13th, 2005 03:15 pm (UTC)
Yeah, I switched back to WPA-PSK (128b) and used a very complex pass key, so I feel somewhat secure.
( 17 comments — Leave a comment )