Once, long ago--actually, on Wed, Feb 20, 2013 at 06:46:05AM CST--Tim
(ignored_mail...@yahoo.com.au) said:
> If you didn't know your neighbour well enough, in the first place, to
> mention in passing that their wireless was unsecured, that approach
> would be about the only thing I'd attempt to do about it.
You could use something like WiFi Analyzer on an android phone and just
walk your street. It'll report signal strength, but not try to get into
the network. When you hit peak signal, you're probably there.
> It strike me that most users will have Windows, and with Windows general
> reputation for insecurity, that wireless networks are going to be the
> next malware plague.
Hmm...I don't know about that. I've been working in the field for almost
40 years, and while in the early days I railed against all the open WiFi
WAPs (with all respect to Bruce, I disagree), in the past few years there
are far, far fewer of them. Moreover, most WEP devices are gone.
> To a large degree, a Windows box is protected from the internet by
> NAT in the router, ...
NAT is not a security protection. At best it's obfuscation. And if
someone comes into a LAN via it's WAP, they're on the _inside_, so NAT
doesn't apply, and they're behind the router border firewall (if any).
> ...and maybe a firewall on the PC.
Windows firewalls on XP were a joke. Windows 7 and 8 have much better
firewalls, but I've found a lot of businesses and individuals either turn
it off or open excessive permissions to get around restrictions when
they're trying things (often that they shouldn't), usually on the
assumption that since they're behind a border firewall/router, their LAN is
safe. Once within the network, someone can poke and prod to find holes,
spoof membership, etc.
> But the wireless network is on the LAN side, and Windows often treats
> the LAN side less stringently than the WAN side.
Well, it doesn't need to, but when they identify a LAN as Home or Work,
it's likely.
> I can well imagine something spreading through a series of LANs.
That's pretty much what happens right now, anyway. The difference here is
that with an open WiFi and poorly configured internal security on the LAN,
an intruder has most of the penetration work done for him/her.
Cheers,
--
Dave Ihnat
dih...@dminet.com
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
