Peter;182606 Wrote: > Mark Lanctot wrote: > > jonheal;182579 Wrote: > > > >> Being pretty much an idiot when it comes to networking stuff, > please > >> clarify something for me: > >> > >> As I understand it, encrypting your wireless broadcasts (hopefully) > >> prevents an eavesdropper from reading the packets you send out into > the > >> atmosphere. Protecting the integrity of your network, and the > machines > >> on it, is another matter entirely. Am I wrong in that assumption? > And > >> if all your broadcasting is music packets, is it that big of a deal > to > >> protect them? > >> > > > > I'm no more than a novice at this myself, but yes, this is something > > outside a normal LAN. If your machines are infected with various > > backdoors, it doesn't matter how secure your WPA2 passphrase > > is...although interestingly an attacker could still not find it out > > unless he was running a keylogger as you typed it in. > > > > But in regards to just broadcasting music packets and packets > destined > > for an SB, you need to protect them even more because: > > > > - there will always be traffic an attacker could monitor > > > > - when broadcasting music, a steady stream of packets will be > present > > to analyze > > > > As I understand it, these attacks work better when you have lots of > > packets to analyze. Once an attacker derives a passphrase, he can > (at > > the very least) use your IP address for whatever purpose he wants. > > This includes child porn - there have been several high-profile > busts > > recently where police are tracking offenders based on IP addresses, > and > > you would have to prove your wireless network was compromised in > > court...meanwhile your name would be published in the local media. > > > > Possibly, but the chances are rather small. I read an article on the > exact way of cracking a WEP protected network recently and the 'bad > guys' have devised a little trick to get lots of packets. They just > grab > one of your encrypted packets and (re)send it to one of your hosts. The > > host will receive the packet and reply to it, another packet to > analyze... The method used in the article required two PC's, a special > > Linux boot CD and two wireless cards with a specific chipset. Quite a > hassle still.. > > Once an attacker is on your LAN, he's also one step closer to > accessing > > your hard drive contents. Your router won't stop him, it'll be up > to > > software firewalls if he gets that far. Blocking by MAC address is > > useless here - he'll be able to see the MAC addresses of all the > > devices on your network and can clone one. > > > > It's a funny thing wireless security. If you leave your PC/network open > > to the internet you *will* be targeted by thousands or tens of > thousands > of (professional) automated hacking attempts. If you leave your > wireless > network open you will be open to attack by a dozen neighbours. The > chances of your neighbours wanting to target you and having the skill > to > do are possibly not so great. One of my neighbours has his network > open, > I even used it briefly once or twice, but I've never gone so far as > snooping around on it. The chances of anyone around me wanting to go > through the hassle of cracking a WEP key would be fairly slim. > > Then again I read an interesting attack recently in which the bad guys > > would drive thru the city with a PC that automatically looked for open > > networks with no encryption. The PC would be loaded with knowledge of > popular routers and their configs and default passwords and would > contact any routers it could find and change the DNS settings so it > would use a DNS server controlled by the attacker. By manipulating DNS > > responses they would be able to get between the victim and there > banking > websites. > > I'd take the trouble to set up WPA encryption if I were my neighbour. I > > don't know which one it is, perhaps I should snoop around a little ;) > > Regards, > Peter
Fortunately, I live on a cul-de-sac. I know all of the close neighbors. Should I see someone parked in the cul-de-sac with a laptop, I reckon I'll break out the Louisville Slugger, and said perp can figure on a wood shampoo. -- jonheal Jon Heal says: Have a nice day! http://www.theheals.org/ ~~~ SB3 (wired - 6.3.1) | Home-brew PC running XP Pro | DENON DRA-395 | PSB Stratus Bronze (2) | Outlaw Audio LFM-2 (1) | DIY Speaker Cables | Dayton Audio Interconnects ------------------------------------------------------------------------ jonheal's Profile: http://forums.slimdevices.com/member.php?userid=2133 View this thread: http://forums.slimdevices.com/showthread.php?t=32888 _______________________________________________ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
