[ale] kismet

Hogg, Russell E ctcrreho at opm.gov
Wed Feb 12 10:41:28 EST 2003 






-VPN is the best thing 
-Then use WEP (128)
-Then MAC filtering
-Then get rid of DHCP (make em work harder to get an IP)
-Also you can use the correct antenna to limit your coverage area.  Remember that lots of people have better client antennas than you and there are 8 watt 2.4 ghz amps out the floating around, but not many people have them in their cars.

-Turn off BROADCAST if you can (some cards wont work without it)
-Change your SSID to something that doesn't describe you (don't use your name or address or anything that could help a "social engineer"

-make sure you change the default passwords to your AP.


If you got real security concerns look at the networks security appliances from AirDefense.




Russ







__________________________________
ctcrreho at opm.gov



-> -----Original Message-----
-> From: Geoffrey [mailto:esoteric at 3times25.net]
-> Sent: Wednesday, February 12, 2003 10:34 AM
-> To: ale at ale.org
-> Subject: Re: [ale] kimset
-> 
-> cfowler wrote:
-> > A VPN is part of an acceptable solution.  But that only protects the
-> > data in that tunnel.  the #1 problem is that 802.11b allows anyone to
-> > :"plug-in".  Its the same as me dragging a 100' piece of cat-5 from my
-> > 100mb switch to the curb at home.  Anyone can plug that in and I can
-> not
-> > stop them.  What I have to do is secure it and make it difficult to
-> > plug-in so that someone may not be motivated enough to do it.
-> 
-> I love this stuff.  I was not aware of that.  Cool.  So, how is this
-> done?  Firewall and such, as well as restricting connectivity via Mac?
-> Do these devices have mac addresses?
-> 
-> What else do you do to secure this thing?  (image of cat5 cable flopping
-> around in the front yard....)
-> 
-> 
-> --
-> Until later: Geoffrey                esoteric at 3times25.net
-> 
-> The latest, most widespread virus?  Microsoft end user agreement.
-> Think about it...
-> 
-> _______________________________________________
-> Ale mailing list
-> Ale at ale.org
-> http://www.ale.org/mailman/listinfo/ale
-> 
-> 
-> -------------------------------
-> --  Even though this E-Mail has been scanned and found clean of
-> --  known viruses, OPM can not guarantee this message is virus free.
-> -------------------------------
-> --  This message was automatically generated.
-> -------------------------------

More information about the Ale mailing list