Advice wanted regarding setting up WiFi - fun
Alvin Oga
alvin at Mail.Linux-Consulting.com
Thu Apr 1 14:43:09 PST 2004
hi ya bill
On Thu, 1 Apr 2004, William R Ward wrote:
> I want to make it painless to get online with my wifi setup, so I
> don't think I want to restrict by MAC address. And that's easy to
> spoof anyway. NoCatAuth still sounds pretty cool to me.
i dont know if nocatauth supports ipsec ( its predecessor did )
and i'm not in favor of sending "everybody" a webpage and asking
them to login before they get authenticated for wireless connection
- they are already connected to get the webpage
- httpd, ssl, ssh has exploitable holes if its not patched
- secure wireless logins doesn't seem to be too trivial .. always got
some form of gotchas
> As I said earlier, my existing firewall is a little box from Linksys.
those linksys puppies supposedly runs linux ...
- we should be able to replace it's wep app with a new one
that runs ipsec instead
- using wep or not does not make much difference..
- "most" people's passwd is what??
( 50% uses password or some variation of it
( 25% uses their spouses names
( 10% uses their atm pin#
- guess how long it takes for a pc to brute force it all
- run some of the various passwd crackers on your /etc/shadow
file and see what the varitions are ...
passwd crackers
http://www.Linux-Sec.net/Audit/Tools.fs/
- hopefully you have 10 regular people for each techie
that knows what makes a good password to be using
(one of the) ipsec howto
http://jcs.org/ipsec_wep/
rest of the nite-nite readingz...
http://www.Linux-Sec.net/Wireless
c ya
alvin
More information about the Baylisa
mailing list