[ale] About Wireless Connectivity

Stuffed Crust pizza at shaftnet.org
Sun Mar 30 07:32:11 EST 2003 

On Sat, Mar 29, 2003 at 08:56:53PM -0500, Bob Toxen wrote:
> Why WEP is almost worthless?  Because it can be cracked in 12 hours or
> so by anyone who has $100 and 12 hours to spend.

Ya know, that doesn't sound worthless to me.  That's 12 hours that 
someone has to spend trying to break in.   

Sheesh,  Most people don't even have equivalent *physical* security 
around their setups, especially in an office environment with strangers 
around fairly often.

It would be rather trivial to break into my apartment and jack in 
directly, run a cable outside, or better yet, hook up a tiny 802.11 
ap/bridge and hide it so I can't see it.  

My machines at home are fairly hardened, but that won't matter if 
someone jacks 'em.

> Why MAC filtering is worthless?  This already was answered on ALE.  It is
> because it is trivial to spoof a MAC address.  Btw, for MAC filtering
> purposes, MAC addresses are not encrypted.

It's not worthless because it's "free", raising the barrier of entry yet
with complete transparency to legit users.

> Why SysAdmins don't turn on WEP?
> 
>   1. Procrastination.
>   2. "My network won't be breached."
>   3. Dunno know how and cannot be bothered to learn.

4.  users don't like the hassle of having to deal with WEP keys.
5.  "just want it to work"

See, what people dealing with security consistently forget to do is 
build a threat model of what they're trying to prevent.

Any security mechanism will be breached eventually if the perps are
willing, usually because what's protected is highly valuable. The trick 
is to make it so expensive that it's not worth it.

If someone manages to brak into my network, they can woo-hoo!  get 
online.  To do anything else they'd need to brute-force the passwords 
on my other boxen via ssh, which will take a considerable amount of time 
to pull off.  And my log skimmers will catch this very quickly.

Anyway.

 - Pizza
-- 
Solomon Peachy                                   pizza at f*cktheusers.org
                                                           ICQ #1318444
Quidquid latine dictum sit, altum viditur                 Melbourne, FL

 PGP signature

More information about the Ale mailing list