Advice wanted regarding setting up WiFi - fun

Chuck Yerkes chuck+baylisa at snew.com
Thu Apr 1 15:59:27 PST 2004


Sometimes I'm amazed the messages make it through my Baysian filters...

Quoting Alvin Oga (alvin at Mail.Linux-Consulting.com):
...
> and i'm not in favor of sending "everybody" a webpage and asking
> them to login before they get authenticated for wireless connection
> 	- they are already connected to get the webpage
But perhaps not allowed access to the rest of the net.
> 	- httpd, ssl, ssh has exploitable holes if its not patched
and your point? 

> - secure wireless logins doesn't seem to be too trivial .. always got
>   some form of gotchas
low SO acceptance factor to demand that s/he ssh to a machine to enable
authpf (obsd) to open access.  web page is easier and an 11 year old
can figure it out (I tested)

> > As I said earlier, my existing firewall is a little box from Linksys.
> those linksys puppies supposedly runs linux ...
> 	- we should be able to replace it's wep app with a new one
ah, that land of should.  I looked at a house there once.
Let us know when you have PROM images.

> - using wep or not does not make much difference..
> 	- "most" people's passwd is what??
> 	( 50% uses password or some variation of it
> 	( 25% uses their spouses names
> 	( 10% uses their atm pin#
Really.  You have some reference for this info?  Something you can cite?
I think you're making it up.

Anyhow, personal passwords are not the same as a shared WEP key, so
you fail to make a coherent point.

In our den is this month's wep key.  It's public for visitors.  If you can
get to where you can see it, you can just plug into the LAN.  OTOH, if
you plug into the LAN, you're still not trusted...
And you still can't spam.

> 	- guess how long it takes for a pc to brute force it all
About 100k packets and a few hours.  For a determined user.
Guess how long it takes me to get into a slamlocked door?
Guess how fast someone will come when the alarm goes off?

What is your point?  (use complete sentences)

> (one of the) ipsec howto
> 	http://jcs.org/ipsec_wep/
> 
> rest of the nite-nite readingz...
> 	http://www.Linux-Sec.net/Wireless

eliza dumps core trying to parse this.



More information about the Baylisa mailing list