Wireless security - Networking

This is a discussion on Wireless security - Networking ; I need some help securing my wireless access point. I am new to wireless networking but I do know ethernet. I have no problems with my setup other than I need to secure this network somehow. I have a Linksys ...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 24

Thread: Wireless security

  1. Wireless security


    I need some help securing my wireless access point. I am new to wireless
    networking but I do know ethernet.

    I have no problems with my setup other than I need to secure this network
    somehow.

    I have a Linksys WRT54G wireless router that I would like to enable some
    kind of encryption on it as it is running unrestricted.

    It has the following options: WPA Personal, WPA Enterprise, WPA2 Personal,
    WPA2 Enterprise, Radius and WEP.

    I connect to it through from a desktop and a notebook both using a broadcom
    chip set card.

    iwlist gives me the following options:

    wlan0 2 key sizes : 40, 104bits
    4 keys available :
    [1]: off
    [2]: off
    [3]: off
    [4]: off
    Current Transmit Key: [1]
    Authentication capabilities :
    WPA
    WPA2
    CIPHER TKIP
    CIPHER CCMP

    Which encryption method should I choose and how do I configure it?

    Thankyou

    --
    Dancin in the ruins tonight
    Tayo'y Mga Pinoy

  2. Re: Wireless security

    Baho Utot wrote:
    > I need some help securing my wireless access point. I am new to wireless
    > networking but I do know ethernet.
    >
    > I have no problems with my setup other than I need to secure this network
    > somehow.
    >
    > I have a Linksys WRT54G wireless router that I would like to enable some
    > kind of encryption on it as it is running unrestricted.
    >
    > It has the following options: WPA Personal, WPA Enterprise, WPA2 Personal,
    > WPA2 Enterprise, Radius and WEP.
    >
    > I connect to it through from a desktop and a notebook both using a broadcom
    > chip set card.
    >
    > iwlist gives me the following options:
    >
    > wlan0 2 key sizes : 40, 104bits
    > 4 keys available :
    > [1]: off
    > [2]: off
    > [3]: off
    > [4]: off
    > Current Transmit Key: [1]
    > Authentication capabilities :
    > WPA
    > WPA2
    > CIPHER TKIP
    > CIPHER CCMP
    >
    > Which encryption method should I choose and how do I configure it?


    The best option for a home network is probably WPA2-Personal (aka
    WPA-PSK - pre-shared key). You configure encryption per WAP using
    wpa_supplicant.

    Put ...
    key_mgmt=WPA-PSK
    proto=WPA2
    pairwise=CCMP
    group=CCMP
    psk=
    .... in the wpa_supplicant.conf file. The man page has examples to set
    up the rest. You can generate 256 bits of random noise as your key and
    enter them as hex digits for the psk if you're really paranoid.

  3. Re: Wireless security

    Baho Utot wrote:

    > Which encryption method should I choose and how do I configure
    > it?


    WPA2 Personal, also called WPA2-PSK (Pre Shared Key). You have to
    install and configure wpa_supplicant on your Linux Box.

    DON'T use WEP. WEP is so insecure, that you might consider it
    unencrypted. There are tools that break a WEP encryption within
    few minutes, by injecting special packets.

    Wolfgang Draxinger
    --
    E-Mail address works, Jabber: hexarith@jabber.org, ICQ: 134682867


  4. Re: Wireless security

    Wolfgang Draxinger wrote:

    > DON'T use WEP. WEP is so insecure, that you might consider it
    > unencrypted. There are tools that break a WEP encryption within
    > few minutes, by injecting special packets.


    I know this is the accepted wisdom,
    but I don't entirely agree with it.

    It is like saying that it is not worth locking your house
    with a Yale lock, because a thief will know how to pick it.
    Weak security is much better than no security.

    Obviously it depends on where you live,
    and how valuable the data on your computer is.
    In my case, for instance, I know and trust everyone
    within WiFi range of my house,
    so we are talking of someone in a car
    lurking somewhere in the vicinity,
    choosing my computer system to break into,
    and having the necessary computer savvy to break a WEP key.

    The probability of this happening is very small, in my view,
    and there are much more likely causes of computer disaster
    such as power outages, fire, flood or traditional theft.

    In my view, for most people, in most circumstances,
    WEP provides adequate WiFi security.

    (I would advise people, whether they are using WiFi or not,
    to encrypt any private information with a strong encryptor.)






  5. Re: Wireless security

    On Sat, 24 Nov 2007, in the Usenet newsgroup comp.os.linux.networking, in
    article , Timothy Murphy wrote:

    >Wolfgang Draxinger wrote:


    >> DON'T use WEP. WEP is so insecure, that you might consider it
    >> unencrypted. There are tools that break a WEP encryption within
    >> few minutes, by injecting special packets.


    Actually, tools are available that are much faster - seconds.

    Newsgroups: alt.internet.wireless
    Subject: Cracking WEP in less than 60 seconds
    Date: Sun, 15 Apr 2007 22:59:09 -0700

    >It is like saying that it is not worth locking your house
    >with a Yale lock, because a thief will know how to pick it.


    Call on line 2 from some lawyers representing the Yale Lock Company.
    Something about "Product Defamation"...

    >Weak security is much better than no security.


    Not really - in this case it's 'False Security' is worse than No Security.

    >Obviously it depends on where you live, and how valuable the data on
    >your computer is. In my case, for instance, I know and trust everyone
    >within WiFi range of my house,


    You should really be checking out to ~3-5 times as far, given that the
    bad guy may be using a 10 to 15 dBi antenna, which has the effect of
    increasing the maximum range by that multiple in a given direction.

    >so we are talking of someone in a car lurking somewhere in the
    >vicinity, choosing my computer system to break into,


    Very little choosing about it - more random chance than anything.

    >and having the necessary computer savvy to break a WEP key.


    You mean some ten-year-old who can use any search engine? They are
    skript kiddiez - they are merely following instructions prepared by
    someone else. They don't have to have (and usually don't have) any
    real computer skills. I think the funniest thing I've ever seen is
    a paper log showing some skript kiddie trying to install a root kit
    and having a _terrible_ time, caused by typing mistakes. When they
    are having problems running 'pico', you know their skills are not
    there.

    >The probability of this happening is very small, in my view,
    >and there are much more likely causes of computer disaster
    >such as power outages, fire, flood or traditional theft.


    Perhaps - but modern wireless gear comes with the far superior WPA2
    capability, so why choose to use a security device made of wet
    tissue? Yes, you do have to choose a stronger password than 'AAA'...

    >In my view, for most people, in most circumstances,
    >WEP provides adequate WiFi security.
    >
    >(I would advise people, whether they are using WiFi or not,
    >to encrypt any private information with a strong encryptor.)


    Why not use the encrypted link, so that your private information is
    protected AND you don't have some bad guy using your computer link
    to plot the violent overthrow of Air Lingus? Or are the plods
    in Dublin so much more computer savvy that they recognize that your
    computer is merely being used as an open relay and that there is no
    reason to bring you in for questioning?

    Old guy

  6. Re: Wireless security


    "Allen Kistler" wrote in message
    news:9VJ1j.64565$RX.40917@newssvr11.news.prodigy.n et...
    > Baho Utot wrote:
    >> I need some help securing my wireless access point. I am new to wireless
    >> networking but I do know ethernet.
    >>
    >> I have no problems with my setup other than I need to secure this network
    >> somehow.
    >>
    >> I have a Linksys WRT54G wireless router that I would like to enable some
    >> kind of encryption on it as it is running unrestricted.
    >>
    >> It has the following options: WPA Personal, WPA Enterprise, WPA2
    >> Personal,
    >> WPA2 Enterprise, Radius and WEP.
    >>
    >> I connect to it through from a desktop and a notebook both using a
    >> broadcom
    >> chip set card.
    >>
    >> iwlist gives me the following options:
    >>
    >> wlan0 2 key sizes : 40, 104bits
    >> 4 keys available :
    >> [1]: off
    >> [2]: off
    >> [3]: off
    >> [4]: off
    >> Current Transmit Key: [1]
    >> Authentication capabilities :
    >> WPA
    >> WPA2
    >> CIPHER TKIP
    >> CIPHER CCMP
    >>
    >> Which encryption method should I choose and how do I configure it?

    >
    > The best option for a home network is probably WPA2-Personal (aka
    > WPA-PSK - pre-shared key). You configure encryption per WAP using
    > wpa_supplicant.
    >
    > Put ...
    > key_mgmt=WPA-PSK
    > proto=WPA2
    > pairwise=CCMP
    > group=CCMP
    > psk=
    > ... in the wpa_supplicant.conf file. The man page has examples to set
    > up the rest. You can generate 256 bits of random noise as your key and
    > enter them as hex digits for the psk if you're really paranoid.


    Allen;
    I saw this post, had just upgraded Ubuntu from 7.04 to 7.10, and saw the
    option of using WPA-Personal and WPA-Personal 2 for authentication. I was
    using WEP 64 bit, knowing it could be hacked. However, I can't get the WPA
    to work I finally got WEP back working after over an hour.
    What should I look for? (magic?)
    tnx
    doug



  7. Re: Wireless security

    In article , Moe Trin wrote:
    > Why not use the encrypted link, so that your private information is


    My own approach is simply not to use wireless as it is the least reliable
    and least secure networking technology available. If you want fast, stable,
    and secure connections, wire the house for ethernet.

    --
    Roger Blake
    (Subtract 10s for email.)

  8. Re: Wireless security

    On Fri, 23 Nov 2007 18:30:09 -0500, Baho Utot wrote:

    >
    > I need some help securing my wireless access point. I am new to wireless
    > networking but I do know ethernet.
    >
    > I have no problems with my setup other than I need to secure this network
    > somehow.
    >
    > I have a Linksys WRT54G wireless router that I would like to enable some
    > kind of encryption on it as it is running unrestricted.
    >
    > It has the following options: WPA Personal, WPA Enterprise, WPA2 Personal,
    > WPA2 Enterprise, Radius and WEP.
    >
    > I connect to it through from a desktop and a notebook both using a broadcom
    > chip set card.
    >
    > iwlist gives me the following options:
    >
    > wlan0 2 key sizes : 40, 104bits
    > 4 keys available :
    > [1]: off
    > [2]: off
    > [3]: off
    > [4]: off
    > Current Transmit Key: [1]
    > Authentication capabilities :
    > WPA
    > WPA2
    > CIPHER TKIP
    > CIPHER CCMP
    >
    > Which encryption method should I choose and how do I configure it?
    >
    > Thankyou


    Easiest first step: disable broadcasting of ESSID. Not terribly secure, I
    realize, but it's difficult to connect to a network if you can't find it's
    name.


  9. Re: Wireless security

    On 24 Nov 2007, in the Usenet newsgroup comp.os.linux.networking, in article
    , Roger Blake wrote:

    > Moe Trin wrote:


    >> Why not use the encrypted link, so that your private information is


    >My own approach is simply not to use wireless as it is the least reliable
    >and least secure networking technology available. If you want fast, stable,
    >and secure connections, wire the house for ethernet.


    I know what you are saying (and happen to agree with you - after I bought
    my current house, but before moving in, I spent a day installing conduit
    from the attic into each room to allow later cabling), but not everyone
    is able to do so. This could be because the house is a rental, or a
    lack of access to a place (attic or cellar/crawlspace) to run the cables,
    or a house-mate who objects to those nasty wires running all over.

    In the USA, there is a _recommendation_ that new construction houses
    include cabling. In practice, this often means the electrician's
    apprentice installing CAT1 wiring (twisted pairs of wet string) and
    stapling it to the studs, making replacement with CAT5e or 6 (or
    fiber) virtually impossible.

    As far as security goes, the recommendation is ALWAYS to use a good
    (at least 20 characters - not dictionary words) passphrase, and you're
    pretty safe even with the older WPA algorithms. With WPA2 (using AES
    encryption which had no known attack methods last I investigated),
    the link will be secure, and what you then have to worry about is the
    bad guys getting physical access to your system and installing a key
    sniffer, because they're not going to get in through cryptanalysis.

    Old guy


  10. Re: Wireless security

    Moe Trin wrote:

    >>Obviously it depends on where you live, and how valuable the data on
    >>your computer is. In my case, for instance, I know and trust everyone
    >>within WiFi range of my house,

    >
    > You should really be checking out to ~3-5 times as far, given that the
    > bad guy may be using a 10 to 15 dBi antenna, which has the effect of
    > increasing the maximum range by that multiple in a given direction.
    >
    >>so we are talking of someone in a car lurking somewhere in the
    >>vicinity, choosing my computer system to break into,

    >
    > Very little choosing about it - more random chance than anything.


    But why would anyone go to the trouble?
    I don't know where you live, but it is quite a serious offence here
    (and everywhere in the EU, I think) to break into a computer system.

    >>and having the necessary computer savvy to break a WEP key.

    >
    > You mean some ten-year-old who can use any search engine?


    Again, I very much doubt if there are any 10 year olds in Dublin
    with the knowledge and desire to do this.

    I would say that there are far less than 1000 people in Dublin
    with the ability to do this (most of them college students),
    and of those less than a dozen would go round trying to break into
    random computer systems.
    And of those, 90% would choose a system with a large number of users -
    a college system, in fact.

    Say there are 2 million computers in Dublin.
    The probability of someone trying to break into mine
    I would estimate at less that 0.001% per year.
    It's not worth worrying about risks that low.

    I regard most of the worry about WiFi security
    as part of the general paranoia about security
    which seems to have overtaken the world since 9/11.

    Rational security policy must take some account
    of the statistical probability of hostile action.





  11. Re: Wireless security

    Timothy Murphy writes:

    > Moe Trin wrote:
    >
    >>>Obviously it depends on where you live, and how valuable the data on
    >>>your computer is. In my case, for instance, I know and trust everyone
    >>>within WiFi range of my house,

    >>
    >> You should really be checking out to ~3-5 times as far, given that the
    >> bad guy may be using a 10 to 15 dBi antenna, which has the effect of
    >> increasing the maximum range by that multiple in a given direction.
    >>
    >>>so we are talking of someone in a car lurking somewhere in the
    >>>vicinity, choosing my computer system to break into,

    >>
    >> Very little choosing about it - more random chance than anything.

    >
    > But why would anyone go to the trouble?
    > I don't know where you live, but it is quite a serious offence here
    > (and everywhere in the EU, I think) to break into a computer system.
    >
    >>>and having the necessary computer savvy to break a WEP key.

    >>
    >> You mean some ten-year-old who can use any search engine?

    >
    > Again, I very much doubt if there are any 10 year olds in Dublin
    > with the knowledge and desire to do this.
    >
    > I would say that there are far less than 1000 people in Dublin
    > with the ability to do this (most of them college students),
    > and of those less than a dozen would go round trying to break into
    > random computer systems.
    > And of those, 90% would choose a system with a large number of users -
    > a college system, in fact.
    >
    > Say there are 2 million computers in Dublin.
    > The probability of someone trying to break into mine
    > I would estimate at less that 0.001% per year.
    > It's not worth worrying about risks that low.
    >
    > I regard most of the worry about WiFi security
    > as part of the general paranoia about security
    > which seems to have overtaken the world since 9/11.
    >
    > Rational security policy must take some account
    > of the statistical probability of hostile action.


    My thinking tends to be like Timothy's. Perhaps I'm too trusting. In my
    opinion the greatest potential problem with unencrypted wifi in a safe
    environment (like my own upper middle-class neighborhood) is that a
    neighbor will unintentionally connect to my network and suck
    bandwidth. A keyed WEP handles that.

    The other side of the coin, however, is that if WPA is relatively easy
    to employ, why not utilize it and be safe? I believe, at least for my
    system (Fedora 8 and a Netgear wg311v3/ndiswrapper), this is NOT the
    case, i.e., it's going to be a real pain to get WPA working.
    --
    % Randy Yates % "She tells me that she likes me very much,
    %% Fuquay-Varina, NC % but when I try to touch, she makes it
    %%% 919-577-9882 % all too clear."
    %%%% % 'Yours Truly, 2095', *Time*, ELO
    http://www.digitalsignallabs.com

  12. Re: Wireless security

    Randy Yates wrote:

    > Timothy Murphy writes:
    >


    [putolin]

    >
    > My thinking tends to be like Timothy's. Perhaps I'm too trusting. In my
    > opinion the greatest potential problem with unencrypted wifi in a safe
    > environment (like my own upper middle-class neighborhood) is that a
    > neighbor will unintentionally connect to my network and suck
    > bandwidth. A keyed WEP handles that.
    >
    > The other side of the coin, however, is that if WPA is relatively easy
    > to employ, why not utilize it and be safe? I believe, at least for my
    > system (Fedora 8 and a Netgear wg311v3/ndiswrapper), this is NOT the
    > case, i.e., it's going to be a real pain to get WPA working.


    As the OP I am Thankfull for the information that I have received here.
    Upon trying to setup WPA/WPA2 with wpa_supplicant it appears it only works
    with the broadcomm wl.o driver. I need to use the bcmwl5.sys firmware cut
    out with the fw-cutter.

    I am going to try next to get WEP working and if I am successful I will
    again try to get WPA2 working

    Thank you every one.



    --
    Dancin in the ruins tonight
    Tayo'y Mga Pinoy

  13. Re: Wireless security

    Timothy Murphy writes:

    >Moe Trin wrote:


    >>>Obviously it depends on where you live, and how valuable the data on
    >>>your computer is. In my case, for instance, I know and trust everyone
    >>>within WiFi range of my house,

    >>
    >> You should really be checking out to ~3-5 times as far, given that the
    >> bad guy may be using a 10 to 15 dBi antenna, which has the effect of
    >> increasing the maximum range by that multiple in a given direction.
    >>
    >>>so we are talking of someone in a car lurking somewhere in the
    >>>vicinity, choosing my computer system to break into,

    >>
    >> Very little choosing about it - more random chance than anything.


    >But why would anyone go to the trouble?
    >I don't know where you live, but it is quite a serious offence here
    >(and everywhere in the EU, I think) to break into a computer system.


    Who is breaking in? You advertise that you have a wifi access point, they
    make use of it.

    And also, how much have those laws stopped tons of spam/phishing spewing
    out of EU computers? Almost all of them are from cracked computers.



    >>>and having the necessary computer savvy to break a WEP key.

    >>
    >> You mean some ten-year-old who can use any search engine?


    >Again, I very much doubt if there are any 10 year olds in Dublin
    >with the knowledge and desire to do this.


    Wanna bet? It is easy and there are loads of computer savy 10 year olds in
    Dublin.


    >I would say that there are far less than 1000 people in Dublin
    >with the ability to do this (most of them college students),
    >and of those less than a dozen would go round trying to break into
    >random computer systems.


    You dream. The method for breaking WEP is easily accessible, and what it
    requires is to run a program. Do you really think that there are only 1000
    people in Dublin capable of running programs?


    >And of those, 90% would choose a system with a large number of users -
    >a college system, in fact.


    Breaking into a wifi access point is NOT breaking into computers. It is
    being able to use that access point, and log onto the net anonymously.
    Also you can sell a broken into computer to the spammers and phishers
    around the world.



    >Say there are 2 million computers in Dublin.


    That means there are 2 million poeple capable of running programs.

    >The probability of someone trying to break into mine
    >I would estimate at less that 0.001% per year.
    >It's not worth worrying about risks that low.


    Fine. Keep dreaming.



    >I regard most of the worry about WiFi security
    >as part of the general paranoia about security
    >which seems to have overtaken the world since 9/11.


    >Rational security policy must take some account
    >of the statistical probability of hostile action.


    Of course. However estimation of that probability must be done with some
    knowledge, not via idiotic unknowledgeable estimates.

    http://www.securityfocus.com/infocus/1824
    for a discussion.






  14. Re: Wireless security

    Unruh wrote:

    >>I don't know where you live, but it is quite a serious offence here
    >>(and everywhere in the EU, I think) to break into a computer system.

    >
    > Who is breaking in? You advertise that you have a wifi access point, they
    > make use of it.


    As I understood it, the discussion was about an access point with a WEP key.
    Someone cracking any key in order to enter a computer
    would in my view have committed a serious offence,
    punishable in Ireland by a sentence of up to 10 years
    (Criminal Damage Act 1991).

    > The method for breaking WEP is easily accessible, and what it
    > requires is to run a program. Do you really think that there are only 1000
    > people in Dublin capable of running programs?


    It's probably easy enough to pick a lock,
    but most people don't feel the urge to try it.

    > http://www.securityfocus.com/infocus/1824
    > for a discussion.


    I agree that it is reasonably easy to crack WEP
    (discussed in the above URL).

    But as I said, a person would be very foolish
    to try to break into my system,
    as he would be risking serious punishment for zero gain.

    Much of the security hysteria is generated by companies
    with an interest in raising people's fears.
    I find most of the media discussion of this matter
    ludicrously mis-informed.

    Most computer-related theft is very low-level,
    eg phishing for simple-minded users.









  15. Re: Wireless security

    Moe Trin wrote:

    >>Rational security policy must take some account
    >>of the statistical probability of hostile action.

    >
    > If that action can be prevented (or at least the risk minimized) at no
    > cost, why not? Most "modern" systems come with SSL, which has virtually
    > eliminated use of 'telnet'. Likewise, most modern systems come with WPA
    > authentication capability. Why not use it?


    I agree completely.
    People would be silly not to use WPA if it is as simple as WEP.
    Unfortunately it is not in many (probably most) cases,
    under Linux or Windows, as many postings here testify.
    My argument was with those who say that WEP is useless.

    It is actually easier to use ssh/scp than rsh or telnet,
    so the issue does not arise there.



  16. Re: Wireless security

    Timothy Murphy wrote:
    > Moe Trin wrote:
    >
    >>> Rational security policy must take some account
    >>> of the statistical probability of hostile action.

    >> If that action can be prevented (or at least the risk minimized) at no
    >> cost, why not? Most "modern" systems come with SSL, which has virtually
    >> eliminated use of 'telnet'. Likewise, most modern systems come with WPA
    >> authentication capability. Why not use it?

    >
    > I agree completely.
    > People would be silly not to use WPA if it is as simple as WEP.
    > Unfortunately it is not in many (probably most) cases,
    > under Linux or Windows, as many postings here testify.
    > My argument was with those who say that WEP is useless.
    >
    > It is actually easier to use ssh/scp than rsh or telnet,
    > so the issue does not arise there.
    >
    >

    huh ?
    telnet is a lot easier than ssh !

  17. Re: Wireless security

    goarilla <"kevin DOT paulus AT skynet DOT be"> wrote:

    >> It is actually easier to use ssh/scp than rsh or telnet,
    >> so the issue does not arise there.
    >>
    >>

    > huh ?
    > telnet is a lot easier than ssh !


    [tim@elizabeth ~]$ telnet alfred
    Trying 192.168.2.1...
    telnet: connect to address 192.168.2.1: Connection refused
    [tim@elizabeth ~]$ ssh alfred
    Last login: Sun Nov 25 23:19:25 2007 from 192.168.2.11



  18. Re: Wireless security

    Timothy Murphy wrote:
    > goarilla <"kevin DOT paulus AT skynet DOT be"> wrote:
    >
    >>> It is actually easier to use ssh/scp than rsh or telnet,
    >>> so the issue does not arise there.
    >>>
    >>>

    >> huh ?
    >> telnet is a lot easier than ssh !

    >
    > [tim@elizabeth ~]$ telnet alfred
    > Trying 192.168.2.1...
    > telnet: connect to address 192.168.2.1: Connection refused
    > [tim@elizabeth ~]$ ssh alfred
    > Last login: Sun Nov 25 23:19:25 2007 from 192.168.2.11
    >
    >

    huh so telnetd is not enabled or filtered at that host what does that
    have to do with anything
    the only thing i can think of you finding telnet easier is that if you
    type something wrong
    at login you're basically screwed, since PUSH packets are send at every
    instance of user
    input

    you seem to have PKI enabled and thus use keys, did you read some doc's
    or some howto's on how to do that
    or did that knowledge simply came to you in a vision ?

    well it's a lot easier to setup a telnet deamon ... than a sshd daemon.
    and well ... you don't have to use telnet for just telnet it's much much
    more
    although nc is the better tool for that, telnet still is the most common
    on multiple platforms.
    even microsoft includes a telnet client, although it's a pretty broken
    version.

  19. Re: Wireless security

    goarilla wrote:
    > Timothy Murphy wrote:
    >> goarilla <"kevin DOT paulus AT skynet DOT be"> wrote:
    >>
    >>>> It is actually easier to use ssh/scp than rsh or telnet,
    >>>> so the issue does not arise there.
    >>>>
    >>>>
    >>> huh ?
    >>> telnet is a lot easier than ssh !

    >>
    >> [tim@elizabeth ~]$ telnet alfred
    >> Trying 192.168.2.1...
    >> telnet: connect to address 192.168.2.1: Connection refused
    >> [tim@elizabeth ~]$ ssh alfred
    >> Last login: Sun Nov 25 23:19:25 2007 from 192.168.2.11
    >>
    >>

    > huh so telnetd is not enabled or filtered at that host what does that
    > have to do with anything
    > the only thing i can think of you finding telnet easier is that if you
    > type something wrong
    > at login you're basically screwed, since PUSH packets are send at every
    > instance of user
    > input
    >
    > you seem to have PKI enabled and thus use keys, did you read some doc's
    > or some howto's on how to do that
    > or did that knowledge simply came to you in a vision ?


    Did knowledge of how to set up a telnet daemon come to you in a vision
    too? ;P SSH is as easy as telnet, at least on Unix. Obviously, you
    need to read documentation on how to set it up, both for SSH as well as
    for telnet.

    But these days you don't even need to do that; you simply install the
    thing the vendor's media or site and it usually is already configured.

  20. Re: Wireless security

    Doug Holtz wrote:
    > "Allen Kistler" wrote in message
    > news:9VJ1j.64565$RX.40917@newssvr11.news.prodigy.n et...
    >> Baho Utot wrote:
    >>> I need some help securing my wireless access point. I am new to wireless
    >>> networking but I do know ethernet.
    >>>
    >>> I have no problems with my setup other than I need to secure this network
    >>> somehow.
    >>>
    >>> I have a Linksys WRT54G wireless router that I would like to enable some
    >>> kind of encryption on it as it is running unrestricted.
    >>>
    >>> It has the following options: WPA Personal, WPA Enterprise, WPA2
    >>> Personal,
    >>> WPA2 Enterprise, Radius and WEP.
    >>>
    >>> I connect to it through from a desktop and a notebook both using a
    >>> broadcom
    >>> chip set card.
    >>>
    >>> iwlist gives me the following options:
    >>>
    >>> wlan0 2 key sizes : 40, 104bits
    >>> 4 keys available :
    >>> [1]: off
    >>> [2]: off
    >>> [3]: off
    >>> [4]: off
    >>> Current Transmit Key: [1]
    >>> Authentication capabilities :
    >>> WPA
    >>> WPA2
    >>> CIPHER TKIP
    >>> CIPHER CCMP
    >>>
    >>> Which encryption method should I choose and how do I configure it?

    >> The best option for a home network is probably WPA2-Personal (aka
    >> WPA-PSK - pre-shared key). You configure encryption per WAP using
    >> wpa_supplicant.
    >>
    >> Put ...
    >> key_mgmt=WPA-PSK
    >> proto=WPA2
    >> pairwise=CCMP
    >> group=CCMP
    >> psk=
    >> ... in the wpa_supplicant.conf file. The man page has examples to set
    >> up the rest. You can generate 256 bits of random noise as your key and
    >> enter them as hex digits for the psk if you're really paranoid.

    >
    > Allen;
    > I saw this post, had just upgraded Ubuntu from 7.04 to 7.10, and saw the
    > option of using WPA-Personal and WPA-Personal 2 for authentication. I was
    > using WEP 64 bit, knowing it could be hacked. However, I can't get the WPA
    > to work I finally got WEP back working after over an hour.
    > What should I look for? (magic?)


    Not every kernel driver for every wireless card works with WPA, sadly.
    I varies by hardware and distro. I've had success with Fedora and Intel
    2200/2915/2945. Not so much with RHEL and Intel 4965 yet.

+ Reply to Thread
Page 1 of 2 1 2 LastLast