On Tue, Apr 26, 2011 at 7:33 AM, Aaron Toponce <aaron.topo...@gmail.com> wrote: > > I get it. WEP and WPA aren't meant for secure authentication, but for just > encrypting the packets. BUT, if the access point is secured with a truly > random 13-character passphrase, and the SSID is truly unique, I'm not > worried, unless I'm a target. The wardriver will likely move on to the AP > of least resistence, which will not be mine, and I won't have to worry > about SWAT kicking down my door.
WEP and WPA are easy to crack regardless of how good the passphrase or SSID used are. The existing tools can crack them in minutes. My suggestion is to not bother with any of the wireless security protocols--make it secure at your firewall: 1) simply leave your wireless wide open 2) at the firewall, do not route any traffic from the wireless ap 3) install openvpn--and only route traffic coming from the wired lan or the openvpn endpoint This has the benefit of allowing you to use your wireless lan as a honeypot if you are so inclined--because it's wide open any attackers will stop and try to use it, but will walk away frustrated. And if you logged, you may have enough data to actually help catch them. The obvious downside to this is that simple devices that can't make use of openvpn are either left in the lurch or you make an exception for them, which exception becomes the same vulnerability. (Nintendo DS, XBox, wifi-enabled phones/tablets, etc). /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
