|
Posted by Erik on December 8, 2006, 4:02 am
If you were Registered and logged in, you could reply and use other advanced thread options
Some families in my neighbourhood are using wireless internet without any
security.
I know that using security (password or Mac-address filtering) is often
advisable, but I would like to know better what risks are involved by having
an open wireless network:
1) Can virus spread across a wireless network between computers which are
only sharing the internet connection?
2) Is it possible for users sharing an internet connection to gain access to
files on other computers sharing the connection?
Thank you
Erik
|
|
Posted by Sebastian Gottschalk on December 8, 2006, 4:14 am
If you were Registered and logged in, you could reply and use other advanced thread options
Erik wrote:
> Some families in my neighbourhood are using wireless internet without any
> security.
>
> I know that using security (password or Mac-address filtering) is often
> advisable,
MAC address filtering is no security. It's pure illusion.
> 1) Can virus spread across a wireless network between computers which are
> only sharing the internet connection?
Well, yes, if there's a way to remote execute code.
> 2) Is it possible for users sharing an internet connection to gain access to
> files on other computers sharing the connection?
Well, yes, if you allow such access.
And you don't even care about abuse of the internet connection?
|
|
Posted by Todd H. on December 8, 2006, 10:24 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Some families in my neighbourhood are using wireless internet without any
> security.
>
>
>
> I know that using security (password or Mac-address filtering) is often
> advisable
MAC filtering is very easily bypassed by anyone other than casual
snoopers. The same can be said of WEP encryption which can be
broken in minutes using freely available tools.
>, but I would like to know better what risks are involved by having
> an open wireless network:
>
> 1) Can virus spread across a wireless network between computers which are
> only sharing the internet connection?
Absolutely, but that's an issue orthogonal to the whole wireless
equation, and more a risk of putting a group of computer on the same
network.
However, if you lack a hardware firewall or home office router today,
you'll be adding no additional risk of network based piece of malware
spreading to you from the internet right now. If you have a "software
firewall" or are using windows firewall on your machine already, and
if you configure it not to trust computers on your local area network,
you'll be in as good a shape as you are against internet based attacks
today.
> 2) Is it possible for users sharing an internet connection to gain access to
> files on other computers sharing the connection?
Absolutely. With similar caveats above though. The difference
between an internet based threat and one of a local area network is
often in how the packet filter software ("software firewall") is
configured. Many of these programs trust the computers on your LAN
implicitly, which if file sharing is being used, would leave them open
to a neighbor jumping on the open access point.
Other more worrisome things, however, would be johnny neighbor jumping
on the open access point, running script kiddie attacks against
goverment networks, then men in black start knocking on the front door
inquiring about the illegal hacking activity originating from that
internet connection.
If you want to frighten the neighbors into action, that's the threat
that's most compelling. And add that with directional antennas, the
attacker could be up to a mile away.
WPA security with a strong, random, long passphrase is what they
should implement. Don't bother with WEP or MAC based filtering, and
SSID hiding tends to cause the legitimate owner more headache in
getting legit computers configured than it provides in any obscurity.
Best Regards,
--
Todd H.
http://www.toddh.net/
|
|
Posted by John Hyde on December 11, 2006, 5:38 am
If you were Registered and logged in, you could reply and use other advanced thread options
>
>> Some families in my neighbourhood are using wireless internet without any
>> security.
>>
>><SNIP>
> WPA security with a strong, random, long passphrase is what they
> should implement. Don't bother with WEP or MAC based filtering,
Unless your hardware does not support WPA, then use what you have. Even
though it is easily broken, you should be using something until you
replace the hardware. And you *should* replace the hardware if it does
not support WPA
|
|
Posted by Sebastian Gottschalk on December 11, 2006, 2:32 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>> WPA security with a strong, random, long passphrase is what they
>> should implement. Don't bother with WEP or MAC based filtering,
>
> Unless your hardware does not support WPA, then use what you have.
What a nonsense.
> Even though it is easily broken, you should be using something until you
> replace the hardware.
Because it's easily, it's not "something" at all.
> And you *should* replace the hardware if it does not support WPA
Or something where a VPN client (OpenVPN, IPsec) runs.
|
| Similar Threads | Posted | | Re: Internet Security Software.(computer internet security) | April 27, 2008, 7:43 am |
| Wireless security | October 10, 2005, 12:51 pm |
| wireless security | June 22, 2006, 2:23 am |
| wireless security tools | May 6, 2007, 10:53 am |
| Technical Question on wireless security | July 17, 2005, 7:05 am |
| Wireless adapter security question | April 10, 2006, 1:35 pm |
| wireless router password security | May 7, 2008, 9:59 am |
| THE NON-WIRELESS WIRELESS NETWORK MONITORING SYSTEM | September 14, 2005, 11:38 am |
| Home wireless router security by limiting the number of available IP addresses | June 16, 2007, 11:06 pm |
| Public Wireless Network together with Private Wireless Network | November 15, 2007, 3:39 am |
|
XML site map