[BLUG] ID theft via wardriving (URL) (fwd)
Steven Black
blacks at indiana.edu
Fri Aug 8 14:29:21 EDT 2008
On Fri, Aug 08, 2008 at 10:54:48AM -0700, Beartooth wrote:
> So for those of us who don't want to provide access to every stranger
> within reach, what protection is good?
The current rage is WPA2[1] / IEEE 802.11i[2]. This is what IU is now
using with its "IU Secure"[3] SSID.
[1] http://www.wi-fi.org/knowledge_center/wpa2/
[2] http://en.wikipedia.org/wiki/IEEE_802.11i-2004
[3] http://kb.iu.edu/data/awws.html (What is IU Secure?)
The MAC thing can be used, but with programmable MAC addresses, if
that's the only security a person can snoop on your network, pick up
your MAC address and simply reprogram their MAC address. Then they can
surf your network and everything gets logged as if it were you. (Perhaps
they want to watch your house a little to make sure they pick times
where you won't be home.)
Not to mention, that with just MAC filtering, all your communication
continues to be in the clear, so in addition to poorly protecting your
network, it doesn't protect your data at all.
To an extent it is like most security. It doesn't need to be perfect, it
just needs to be good enough that the criminals look elsewhere.
--
Steven Black <blacks at indiana.edu> / KeyID: 8596FA8E
Fingerprint: 108C 089C EFA4 832C BF07 78C2 DE71 5433 8596 FA8E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.cs.indiana.edu/pipermail/blug/attachments/20080808/b161c14f/attachment.bin
More information about the BLUG
mailing list