|
The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024
|
|
[Date Prev][Date
Next][Thread Prev][Thread Next][Date
Index][Thread Index]
RE: Re: 802.11b / Consume...
Theres been a couple of articles on slashdot.org recently about
wireless
security and Ive been working on my own setup here. As far as I
am
concerned if you can run wep then its a good thing to do. Airsnort
and the
like require a large amount of traffic to be grabbed before the wep keys
can
be determined. With WEP, static IPs and a firewall with thoughtful
rules in
place then 95% of all those who attempt to crack your infrastructure
will
give up pretty quick. The more layers of security you can put in
place the
better because each layer will cause more to give up as the task
becomes
more complex. Oh, and dont ever forget to patch your firewall
;-)
One other thing to note that if someone is watching your wireless system
the
minute you switch off an epod or fuji they could potentially spoof both
the
ip address and mac address. Id look to add another security layer or
two on
top. Alongside Patricks suggestion for web access from a particular
ip
address maybe also have the web server on your internal network expect
a
cookie as well to determine its a real MarkH machine. A simple little
piece
of code to implement but another gotcha for the would be hacker.
Of course all this relates to wireless to internal network connections
and
not specifically to making your wireless vlan open to your adsl line.
If
you would want to make your adsl line open to your wireless lan maybe
setup
logging on your proxy to ensure you can see where people have been. I
have
no objection to people using my line as long as its nothing thats going
to
be causing me problems with the law or using up my entire pipe when i
want
to be downloading some software and the like ;-)
Thanks
kieran
-----Original Message-----
From: Mark Harrison [mailto:Mark.Harrison@xxxxxxx]
Subject: RE: [ukha_d] Re: 802.11b / Consume...
Duh - static IP addresses! Of course!
Thanks, Patrick... that's the way I'll do it. I'm not really worried
about
sniffing. I only have about 5 devices that I want to be wireless, so
they
can have static IPs easily... while living on the DMZ.
Regards,
Mark
Yahoo! Groups
Sponsor |
ADVERTISEMENT
| |
http://www.automatedhome.co.uk
Post message: ukha_d@xxxxxxx
Subscribe: ukha_d-subscribe@xxxxxxx
Unsubscribe: ukha_d-unsubscribe@xxxxxxx
List owner: ukha_d-owner@xxxxxxx
List of UKHA Groups here - http://groups.yahoo.com/group/UKHA_Grouplists/
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
Home |
Main Index |
Thread Index
|
|