RE: "Hackers take to the air" from the BBC

["Graham Howe" <graham@xxxxxxx>]

I would have thought that assigning static IP addresses instead of using
DHCP and then restricting your LAN/webserver to only accept those addresses
in the list would effectively prevent anyone from connecting from outside.
This would not of course prevent them from intercepting traffic, but there
is not much transmitted wirelessly in my house that would be sensitive. I
would suggest that another sensible precaution is to use wired devices for
stuff like online banking. Having said this, I am taking no precautions as
my walls are thick stone (2 foot thick behind my AP) and I am lucky to get
a
signal in the house, let alone outside. I also live in a village where we
have no cable and no adsl, it is not the sort of place that you would
associate with high tech!

Graham

> -----Original Message-----
> From: Broadfoot, Kieran J [mailto:Kieran.Broadfoot@xxxxxxx]
> Sent: 23 October 2001 12:06
> To: 'ukha_d@xxxxxxx'
> Subject: RE: [ukha_d] "Hackers take to the air" from the BBC
>
>
>
> I think security is a major concern and as anyone whos been
> on IRC for the
> last couple of days will know its an issue for me.  Being in
> central london
> I cannot rely on security through obscurity as Mark and
> others might living
> in Ireland and elsewhere round the country where there is
> possibly less
> wireless users.
>
> However I believe there are a number of things that might be
> advisable to do
> if you were being really paranoid.  They fall into two
> categories, ensuring
> no-one else uses your network and two, ensuring no-one can
> work out what you
> are sending across your network.
>
> i. Ensure your dhcp server only distributes addresses based
> on known MAC
> address.
> ii. Change SSID on wireless bridge to something other than
> the default.
> iii. disable SSID broadcasts from the birdge and manually set
> the SSID on
> the client machines
> iv. Consider using encrypted citrix services rather than TS
> (which I dont
> believe supports encryption)
> v. Never use telnet or other plain text protocols across your
> wireless lan.
> Use ssh instead.
> vi. Web browsing from an epod, ipaq etc could be secured by
> building an SSL
> enabled proxy on your home network.
> vii. For whats it worth use 128 WEP where possible.
> viii. Ensure latest firmware installed on bridge (short term
> fixes for the
> airsnort attacks should be coming out fairly soon).
> ix. Airsnort attacks rely on capturing between 100mb to 1gb
> of packets from
> the wireless lan before being able to decrypt the packet
> data.  Irregular
> use at non-regular times might make it harder for an attacker
> to collect
> enough data to be able to decrypt.  A form of security
> through obscurity but
> limiting to the user ;-)
>
> Can anyone suggest other useful things to secure your wireless lan?
>
> Thanks
> 	kieran
>
>
>
>
> -----Original Message-----
> From: Julian Samphire [mailto:jules@xxxxxxx]
> Sent: Tuesday, October 23, 2001 11:14 AM
> To: ukha_d@xxxxxxx
> Subject: [ukha_d] "Hackers take to the air" from the BBC
>
>
> http://news.bbc.co.uk/hi/english/sci/tech/newsid_1596000/1596033.stm
>
> ~Jules
>
>
>
>
> For more information: http://www.automatedhome.co.uk
> Post message: ukha_d@xxxxxxx
> Subscribe:  ukha_d-subscribe@xxxxxxx
> Unsubscribe:  ukha_d-unsubscribe@xxxxxxx
> List owner:  ukha_d-owner@xxxxxxx
>
> Your use of Yahoo! Groups is subject to
http://docs.yahoo.com/info/terms/



For more information: http://www.automatedhome.co.uk
Post message: ukha_d@xxxxxxx
Subscribe:  ukha_d-subscribe@xxxxxxx
Unsubscribe:  ukha_d-unsubscribe@xxxxxxx
List owner:  ukha_d-owner@xxxxxxx

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/