Wireless Security Attacks and Defenses 120
An anonymous reader writes "IT-Observer is running a comprehensive overview of wireless attacks and defenses. From the article: 'Wireless technology can provide numerous benefits in the business world. By deploying wireless networks, customers, partners, and employees are given the freedom of mobility from within and from outside of the organization. This can help businesses to increase productivity and effectiveness, lower costs and increase scalability, improve relationships with business partners, and attract new customers.'"
Article with pictures (Score:2, Informative)
Unbelievable fluff: why did it get posted??? (Score:3, Informative)
In a word, they should be punished. And someone should tape their eyes open while reading WiFoo or another good book on just how many zillion interesting hacks there are for wireless. And then, the site should get the check back-- if they were so silly as to have paid these guys.
And I wonder, how many more airy and light posts will there be, today? Slashdot Lite, less filling, less intelligent-- news for birds.
The article is 100% wrongheaded (Score:5, Informative)
Look at page 3. It's the one where they tell you what you should do to secure your network.
Bullshit. Everything you need to do this can be found on a single Linux LiveCD (Auditor Linux) including the kit for doing replay attacks. Only unmotivated "hackers" will fail to crack WEP.
Score: 0/1
Bullshit. Again, this will only get people who are unmotivated. MAC spoofing is a triviality. It typically will stop drive-by users of wifi, because they can usually find one that has no "protection" and they can use that. MAC restriction will NOT stop anyone who wants onto your network for any reason other than a minor whim.
Score: 0/2
Using a halfway decent scanner makes ANY settings changes you do (besides turning on WPA) utterly useless.
Score: 0/3
Again, a good scanner makes this irrelevant.
Score: 0/4
Uh, this is the same thing as "mac address blocking". They're the SAME FEATURE, just one is default accept, and the other is default deny.
Score: 0/5 (I should really assign a negative point for trying to use the same feature as a bullet point twice, but I'll be nice.)
If someone has physical access to your AP, you're fucked anyway. If they can do remote admin in your AP, you're an idiot anyway - and turning off remote admin isn't even listed as a good idea here.
Score: 0/6
No, it isn't. A few moments of sniffing will tell you what you need to know. Utterly useless and it just makes your life harder.
Score: 0/7
This article tells you nothing about how to effectively secure your network. In fact, it tells you to do a whole bunch of things that won't work.
Want to secure wifi? There is only one means to do so, and that is to use a tunnel with strong encryption. Whether you're using com
Article Can't Be Current (Score:4, Informative)
Re:The article is 100% wrongheaded (Score:3, Informative)
Even with its inherent weaknesses, Wireless Encryption Protocols or WEP is still a good method for preventing attackers from capturing your network traffic. Less-experienced hackers will probably not even attempt to capture data packets from a wireless network that is broadcasting using WEP.
Bullshit. Everything you need to do this can be found on a single Linux LiveCD (Auditor Linux) including the kit for doing replay attacks. Only unmotivated "hackers" will fail to crack WEP.
Basically he said something is better than nothing. A lock on your front door isn't going to stop someone serious about breaking in, but it will stop your neighbor from peaking around inside your house because you left your door wide open. While everything you noted is true, he wasn't claiming that WEP is secure and he noted that clearly. He only said it's better than nothing. He should have said WEP is better than having an open network for anyone to connect to instead of WEP is still a good method for preventing attackers from capturing your network traffic.
Re:The article is 100% wrongheaded (Score:2, Informative)
Re:The article is 100% wrongheaded (Score:1, Informative)