Came across http://www.youtube.com/watch?v=A88XB7_Jz7s&eurl= whilst reading www.automatedhome.co.uk - the disbelief on the guy's face is priceless.
Just goes to show how careful you need to be though!
Yeah, always use the highest level of security possible, hence why the Radius system is still on my list of To Do's.....
Hmm a few minutes bit quick tbh but hey... :D must have got lucky.
The thing that made me laugh is that, Paul their knowitall super hacker, kept referring to a wireless router as an "internet server". The mark is not running a web server you muppet!!!.
Anyway the program does show a genuine problem. Can your average teacher really setup WPA-PSK let alone a RADIUS box. All remote access solutions should be based on SSL or IPSec.
Radius Authentication at work is on my to-do list too... i have just set my WiFi up as WEP at work cause its the lowest common denominator for clients since not all my WiFi clients support WPA.. most do but not all!!!
though at home i use WEP128 cause my cisco 340AP only does WEP :-( ..at a super fast 11Mbps as well... does that mean that some one can hack me in 1 minute........
@K-strider - As its Cisco you will find that it will eat and loose packets that they are trying to steal :D Certainly a friend of mines Cisco seems to loose and eat packets at random, so much so we call it Pacman :D
Lol .. i'll keep my Pacman then since it will eat anything bad that comes my Way!!!!
I have my Access Point open deliberatly. That way, when the BPI comes knocking with the court summons I can say "It wasn't me, it was that guy in the white van outside!".
This wont wash nowadays somthing its now your responsability, its like leaving you keys in your car and saying i do not know why it was robbed.Quote:
Originally Posted by Geoff
Indeed. WEP is less than useful as an actual security measure. A few friends went through 3 years of UNI without paying for broadband :)
One enterprising one had 4 hackable networks overlapping his student house and built a linux box from an old pharmacy PC to loadbalance across them.
In school I use WPA2, Macrfiltering or a combination of both depending on the area of the school.
So I'm guilty until proven inoccent am I? I have 5 machines behind my router. Owned by various adult members of my household. I also have an access point anyone outside in the street is free to use. Exactly how is the <insert favorite movie/music industry group> supposed to prove which machine did it?Quote:
This wont wash nowadays somthing its now your responsability
By detecting the clock skew in the packets they send? :P
though there's already a util for *nix to randomise clock skew iirc
Anti Clock Skew Fingerprinting software is running on the router. It randomises all the packets leaving the network.
But surely Geoff if it's your equipment, and someone has performed a criminal act through it, the law will hold you partly responsible if you provided the gateway.
If it was criminal law yes, it would come under 'aiding and abeting', but it's not. Copyright infringment is a civil offence. So I'm not liable, exactly the same way as my ISP isn't. Of course they can request information from me to aid in their prosecution, but as I rotate my log files after a week there wouldn't be anything to provide.