[Rhodes22-list] WiFi security - WEP 128 & MAC address, general topics
Hank
hnw555 at gmail.com
Sat Dec 8 12:28:08 EST 2007
Robert,
Just to quibble a little but it's TANSTAAFL (There ain't no such thing as a
free lunch). I believe it was first used in Robert Heinlein's book, "The
Moon is a Harsh Mistress". That was actually a candidate for the name for
my boat, but I now think I will go with LOCHAN, which is the fist two
letters of my kid's names (Lorilei, Charlie and Andrea).
Hank
On Dec 8, 2007 11:09 AM, Robert Skinner <robert at squirrelhaven.com> wrote:
> Rummy -
>
> Yup. I have my WiFi locked down to a list of MAC
> (machine address code) addresses. Unless the
> person knocking on my door knows the MAC address
> of one of my machines, can modify his WiFi MAC
> address to match one of mine, and mine is off the
> network at that time, I think he cannot get in.
>
> If someone knows where this form of security has a
> hole, I hope that he/she will speak up so I will
> know that I have a vulnerability.
>
> As to modifying a machine's WiFi machine address
> code (MAC), it is vendor-specific, and I would not
> publish the method for any one of them on the
> Internet. It is not a trivial modification, and
> is a proprietary trade secret, for good reason.
>
> Finally, keep in mind that your ISP can log any or
> all of your Internet traffic and will provide it
> to some government agency on request, regardless
> of any laws or guarantees to the contrary. Fact.
>
> Likewise, anyone who works at the ISP and has
> access to the routers can monitor and record any
> connection. Some bad guys work for ISPs.
>
> Personal preferences:
>
> I do not do on-line banking via the banks. I
> worked for a bank, and know that banks now accept
> some risks to customer accounts, figuring that
> perfect security is too expensive. They would
> rather hire lawyers to defend themselves against
> customer's suits.
>
> For example, there is no way that I can get any
> local bank to agree to refuse an electronic draft
> against my accounts. They are trying to get away
> from check processing entirely. Many scams
> depend on this.
>
> I have set up a credit card for on-line purchases.
> It has a very low credit limit. They keep trying
> to increase it, but I fight them off.
>
> I use PayPal where possible, and have that tied
> into a bank account with very limited funds and
> no overdraft protection.
>
> Bottom line:
>
> Ultimately, it is best secure what you can,
> obscure the rest, and assume that no communication
> is perfectly secure. Monitor your bank and credit
> accounts closely (as often as once a week), and
> change your passwords often on critical resources.
>
> Perfect security is impossible, good security is
> difficult and time-consuming, and the results of
> poor security can be disasterous.
>
> There Is No Such Thing As A Free Lunch.
>
> /Robert
> ---------------------------------------------------
> R22RumRunner at aol.com wrote:
> >
> > Robert,
> > Very good points. One additional thought, we have our network set up so
> that
> > it is not broadcasting. Unless you know the network SSID and access
> code,
> > you can't see it.
> > Now, with all this talk about security, one last item. Just because you
> have
> > encrypted your network and set up all the firewall's, this does not mean
> > that you are safe. There are free programs readily available on the
> internet
> > which can break WEP 128 encryption in less than a minute.
> >
> > Rummy
> >
> > **************************************Check out AOL's list of 2007's
> hottest
> > products.
> > (
> http://money.aol.com/special/hot-products-2007?NCID=aoltop00030000000001)
> > __________________________________________________
> > Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
>
> --
> Robert Skinner "Squirrel Haven"
> Gorham, Maine 04038-1331
> s/v "Little Dipper" & "Edith P."
> __________________________________________________
> Use Rhodes22-list at rhodes22.org, Help? www.rhodes22.org/list
>
More information about the Rhodes22-list
mailing list