[MLB-WIRELESS] The Wireless Esky - more detail.

Andy Freeman Andy.Freeman at kawasaki.kz
Tue Jan 29 22:54:24 EST 2002


The web page doesn't show all that I found.  Access points had names
like "ABC123" and "default" I doubt very much that the owners of these
access points did much thinking about security at all when the best SSID
name they could think of was those.  One other SSID was a six digit
number, I assume it was the techo's bank card pin number or the access
code to the alarm. (Don't get me started on bad passwords!)

When an access point assigns you a DHCP IP address and gateway address
you know there isn't much in the way of security.  Forget "blowfish" and
SSH, one site that I looked at was running a web server on their gateway
machine with a "IT infrastructure map" linked off the main page.  From
out in the street I knew how many machines were on the network, the
locations of their servers and the size on the wireless hop to the
remote site (and what was there when I got there). 

Equal to: "Keys in the door and coffee on the table waiting for me"

My real point was that you should be aware of security.  It doesn't have
to be bullet-proof, just more secure than your nearest neighbour and the
hacker will most likely pick the softer target.  The other option is to
be able to restore your data easily... daily... maybe hourly, because if
you create a target they will come.

A.



-------------
Recipe for fun: 

79 Ford Escort - 802.11 Wireless
(net stumble and war driving in the "The Wireless Esky")

http://kawasaki.kz/wireless/




--
To unsubscribe, send mail to minordomo at melbwireless.dyndns.org with a subject of 'unsubscribe melbwireless'  
Archive at: http://melbwireless.dyndns.org/cgi-bin/minorweb.pl?A=LIST&L=melbwireless
IRC at: au.austnet.org #melb-wireless



More information about the Melbwireless mailing list