[Cialug] DI-634M

Tim Champion timchampion at gmail.com
Wed Jun 9 22:59:51 CDT 2010


Interesting how the question asked was trying to get old wifi cards to
connect to a router, and the conversation has morphed into why WEP sux, and
why you shouldn't do it, and get something better.  Not that I have a good
answer, but here's a novel concept, lets at least attempt to answer the
question or help troubleshot the issue.

Personally, I might turn off all encryption for a while, and see if that
solves the problem. That would tell me if that card has the ability to
connect to that router at all.  I have resorted turning off encryption
completely, and putting a white list of MAC addresses of computers that are
allowed to connect. Yes, people could spoof a MAC addr, but I know my
neighbors, and they're not that smart.

Tim Champion
timchampion at gmail.com


On Wed, Jun 9, 2010 at 10:11 PM, Edward Meacham <ed at edmeacham.com> wrote:

> Josh++
>
> He's right - WEP is stupid simple to crack now days... open a program, pick
> a wifinet, and wait. Scary sometimes how fast it can be done, too; a few
> hours... sometimes less. Regardless, if you're not worried about it, and
> they aren't worried about, then okay; you have the right to know I think is
> all Josh is getting at. (and judging by his sig, I think his advice is
> qualified) :)
>
> If your friend's heart is set on wireless, they should probably swing for a
> better card. A decent card might set them back $50-$100, but that's
> minuscule in comparison to what could be spent on a lawyer and/or fines if
> someone were to gain access to and use the service for dirty deeds. <DONE
> DIRT CHEAP />
>
>
>
> On Wed, Jun 9, 2010 at 4:07 PM, Josh More <MoreJ at alliancetechnologies.net>wrote:
>
>> They can crack the key.  That means that they can read all non-encrypted
>> traffic (i.e., HTTP is readable, HTTPS is not).  They can also authenticate
>> to the WAP (by providing the key) and be on your network.  From there it
>> depends on network design.
>>
>> If you're using MAC filtering, they can usually bypass it.  If you're
>> using DHCP, they can usually statically assign something in that range and
>> have it work.  None of this, of course, matters much if your wireless
>> traffic goes to a DMZ and then out to the Internet*... especially if you're
>> doing egress filtering.  However, if you're like most people and just slap a
>> WAP on your internal network and trust WEP with a key of "Password123" to
>> keep your stuff secure, you have a problem.
>>
>> Not as big a problem as running a node of the Global Linksys Mesh Network,
>> but a problem nonetheless.
>>
>> * Unless you're being targeted by someone who downloads illegal stuff
>> using your wifi to get you into trouble with the authorities.
>>
>>
>> -Josh More, CISSP, GIAC-GSLC, GIAC-GCIH, RHCE, NCLP
>> morej at alliancetechnologies.net
>> 515-245-7701
>>
>> ________________________________________
>> From: cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf of
>> Todd Walton [tdwalton at gmail.com]
>> Sent: Wednesday, June 09, 2010 16:02
>> To: Central Iowa Linux Users Group
>> Subject: Re: [Cialug] DI-634M
>>
>> On Wed, Jun 9, 2010 at 3:55 PM, Josh More
>> <MoreJ at alliancetechnologies.net> wrote:
>> > 1) WEP can be cracked easily these days.
>>
>> Question: What exactly is cracked?  Is it just that a person will be
>> able to read traffic to and from the router?  Or could they also
>> connect to the router and get Internet access by cracking WEP?
>>
>> --
>> Todd
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>>
>
>
>
> --
> EdwardMeacham - www.edmeacham.com
> AIM: E472155 GoogleTalk: emeacham at gmail.com
> ph. 641.744.2069 c. 515.480.5033
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20100609/fd0e75cc/attachment-0001.htm 


More information about the Cialug mailing list