[MLB-WIRELESS] How not to go war driving....

Mon Nov 24 15:26:43 EST 2003

We all know WEP is trivial to crack with the right tools. What I'm saying
is that it's a good deterent in that *most* wardrivers won't bother with a
WEP network when they've got 10 more in their list that have no WEP.

Whenever someone asks me about security I tell them straight out, if you
want security, use Cat5 not wireless.  If you are that desperate for
wireless the best you can do with minimal hassle is a deterrent only. MAC
restrictions, WEP (with a good WEP key) and a meaningless SSID, will
without a doubt deter most wardrivers as most wardrivers are nothing more
than geeks with a laptop and Netstumbler.  They're aware that WEP can be
cracked, they often don't realise they can sniff packets for a valid MAC
and change their own card to that address.

I've spoken to *many* people about wireless who have no idea about my
knowledge of wireless or my affiliation with Melbwireless and time and time
again I listen to them rattle off some crap about their amazing
hacking/wardriving skills.  

When I delve further I find all they really did was drive around in the car
with a laptop and Netstumbler.

When I delve even further they have no idea about linux or how to go about
cracking WEP. They have never heard of Kismet. They have no idea how to
change their cards MAC address. etc.

I would say Melbwireless members are some of the most if not the most
knowledgable wireless users in Melbourne.  If you're going to fear someone
*cracking* into your network, fear the guy who serves you a sausage at the
next meeting.

(stop sniggering it wasn't a metaphor ;) ) 

>On Mon, 24 Nov 2003 01:42 pm, Ryan Abbenhuys wrote:
>I think we will have to beg to differ, but, just so that I'm understood...
>
>your wrong, I'm right nyah nyah nyah!
>
>basically, beter people than me have pointed out why WEP is a bad idea -
on 
>the basis that it is better to implement no security at all than a veneer
of 
>security that doesn't work.
>
>If you are going to bother with security, do it properly. Or don't do it
at 
>all.
>
>in terms of legality, the act of wardriving itself is clearly a breach of
the 
>telecoms act regardless of the use to which that activity is put.  whether

>WEP is active or not! I'm not allowed to look at your network without your

>permission!
>
>How can we claim theft when we operate a public network? by saying "this
is 
>not allowed"? If we implement WEP &/or MAC obscurity, first we have to
catch 
>someone breaking in.... which we cannot do without paying attention to the

>network (intruder detection - ID). Having WEP and MAC obs. will just blind

>one into thinking that the network is secure enough to not bother with ID.
>
>consider what is being done when an intruder wardrives you. If you have 
>nothing worth stealing, what's the problem?
>
>if you have something worth stealing why would you bother with a broken 
>security feature?
>
>I do not believe the people who wardrive will be discouraged by WEP &/or
MAC 
>obs.  consider the mind set of people who WD?! WPE + MAC obs = challenge! 

>red rag to a bull and all that.
>
>and this is for an open public network!!!
>
>a better idea would be to leave WEP off and implement a decent firewall.
>
>
>-- 
>Dr Paul van den Bergen
>Centre for Advanced Internet Architectures
>caia.swin.edu.au
>pvandenbergen at swin.edu.au
>IM:bulwynkl2002
>"And some run up hill and down dale, knapping the chucky stones 
>to pieces wi' hammers, like so many road makers run daft. 
>They say it is to see how the world was made."
>Sir Walter Scott, St. Ronan's Well 1824 
>
>

To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message