Perhaps you should read what I was replying to before you start flaming me.

I was merely replying to the general sentiment here that 'oh noez! the networks are compromised!!!111'

Anyone with half a brain knows that any effective security posture is done with defense in depth on the perimeter along with good endpoint security and user awareness.

( further reading for the interested http://www.symantec.com/connect/blogs/its-all-about-endpoints )

All hearings are these days is a convoluted way for politicos to take cheap shots at someone to boost their popularity at home.

It's called TLS/SSL. http://en.wikipedia.org/wiki/Transport_Layer_Security

As long as my computer and the server I connect to are malware free asymmetric cryptography (public-private keys) prevents an attacker from eavesdropping on the session.

You run the attack against wireless packets you captured. When it goes from encrypted garbage to normal, unencrypted traffic you know it worked.

You. Are. High.

Keep in mind how many regular non geek people probably get the net for the following reasons:

1. ebay
2. espn
3. *porn*

Some people want to be exploited ... like factory workers.

You don't NEED packet injection, you just need it if you want to break into the network anytime soon. Sitting and listening to normal traffic will eventually get you enough packets to attempt to break it.

For WPA you don't even need packet injection, just deauth a client that is connected, collect their reconnection packets, and then run a dictionary/brute force attack against the handshake.

(4) You running some sort of extremely mission critical server where shelling out $2500 a year is chump change compared to the cost having that thing stay down and/or telling management "I'm googling how to fix it" might not fly.

The real reason for a support contract is so when your mission critical server shits the bed, the internet isn't providing an answer, and management is breathing down your neck, you have someone to help figure out WTF happened and get it back online.

True but that one time where the shit really hits the fan and the interweb does not provide you a solution having that tech support (especially if you shelled out enough for the 24x7 phone tech support) might save your skin. Or at least let you foist blame.

I would always ask management for a Red hat license over just going with CentOS so when Armageddon hits the server room I can say "6 months ago when we bought these machines I requested X number of RedHat seats in case something happened, and that was denied."

This is kind of the trade off you get when going with CentOS instead of an actual RedHat install, you can't just call tech support if something is broken (and Redhat has pretty damn good tech support).

Or you could just lie to Dell and say you have Redhat installed and see if they will help you figure it out.

Please, show me one case of where this happened.

Paranoia is all good, but most people hate the government, and the government realizes it. "I hate the government and want to leave to prove it" Will get you ignored. "I hate the government and want to blow something up to prove it." Will get you attention.

Citation desperately needed.

Hi. Welcome to Slashdot. We don't believe in Santa Clause, the Tooth Fairy, good Republicans, or a rational argument.