Setting Up a Router:
James Michael Fultz
croooow at gmail.com
Sat Oct 3 03:55:57 UTC 2009
* Pastor JW <pastor_jw at the-inner-circle.org> [2009-10-02 20:10 -0700]:
> Wireless should be a convenience for yourself in your home not for others.
> Exclusion based on MAC addresses is a quick and easy way to do just that.
> You can also add encryption but it slows your access down thereby interfering
> with your access more than deterring others. [...]
WPA/WPA2 with AES and a key of significant length (>=40 characters) is
currently unbreakable.
MAC address is filtering is useless as a security measure.
<http://www.oreillynet.com/pub/a/wireless/excerpt/wirlsshacks_chap1/>
"The easy way is to select the network you are interested in (hit ss to
sort by SSID, and arrow down to it if necessary) and then view the
associated clients (hit c). Presto, you have a list of MAC addresses for
clients that are using the network, and presumably are on the permitted
MAC table. Wireless clients send their MAC address in the clear,
regardless of whether the AP requires WEP or not."
<http://blogs.zdnet.com/Ou/index.php?p=43>
"... Once the MAC address is seen in the clear, it takes about 10
seconds to cut-paste a legitimate MAC address in to the wireless
Ethernet adapter settings and the whole scheme is defeated. MAC
filtering is absolutely worthless since it is one of the easiest schemes
to attack. ..."
> [...] Ubuntu comes with a reasonable firewall and you can harden it
> as you see fit to suit your circumstances.
> [...]
The firewall on your desktop computer does nothing about someone
breaching the (in)security of your wireless AP and misusing your
Internet connection.
More information about the ubuntu-users
mailing list