Advice wanted regarding setting up WiFi - fun

Chuck Yerkes chuck+baylisa at snew.com
Sun Apr 4 22:36:03 PDT 2004


Quoting Alvin Oga (alvin at Mail.Linux-Consulting.com):
> On Thu, 1 Apr 2004, Chuck Yerkes wrote:
> > Sometimes I'm amazed the messages make it through my Baysian filters...
> just to poke fun at ya too, i see you havent added my name to your filters
> to drop my mails :-)
No, but they usually catch random words with no clear grammar.

> > Quoting Alvin Oga (alvin at Mail.Linux-Consulting.com):
> > > - secure wireless logins doesn't seem to be too trivial .. always got
> > >   some form of gotchas
> > low SO acceptance factor to demand that s/he ssh to a machine to enable
> > authpf (obsd) to open access.  web page is easier and an 11 year old
> > can figure it out (I tested)
> 
> precisely why a home network ( user ) should never be allowed to VPN into 
> the corp network 
> 	- no way for the corp admin to maintain/secure the corp 
> 	data and network against the home pc and networks

or precisely why origin should not be considered authentication.
Project Athena, in 1988(1) dealt with computers in non-secured
areas (say, a home).

I tire of admins who seem to believe that if the connection
is a magical "VPN" connection, then all access should be
granted to that connection.

I've also dealt with several incidents that had break-ins
through remote users' connections.

Sites that seemed to believe that VPN was enough and things
like security tokens and limiting access from ALL machines.
One would have hoped, in 1994, that we'd have FEWER "soft
chewy centers" than then.  My experience is that every center
is soft and chewy.

I branch of a company I worked at ran the Athena stuff (folks
had written lots of it).  The root passwd was posted on the
wall.  Why? Because having root on the workstation didn't get
you anything (mostly, it got your a workstation that rebooted
and rebuilt itself).

> > > - using wep or not does not make much difference..
> > > 	- "most" people's passwd is what??
> > > 	( 50% uses password or some variation of it
> > > 	( 25% uses their spouses names
> > > 	( 10% uses their atm pin#
> > Really.  You have some reference for this info?  Something you can cite?
> 
> unfortunately for you and me ... it was a silly radio talk show ....
> and the results of their informal survey 

And wasn't it "Hackers" that offered that the most common
passwords used were: "Love", "Secret", "Sex" &  "God"

Don't always believe the media.

> i've tried "password survey"  and got just SAN's writeup which
> was interesting, but not the talk show's passwd survey
Because it was fiction...

> but the key and ssid comes from "easy to remember" words/phrases
> which is one reason why brute force can and have cracked wep
No, a poor encyption algorithm is why WEP is cracked easily.
This is not computer scientology.  It's not all wishes and guesses.
>



More information about the Baylisa mailing list