RE: Wirless Bleeding - How to stop it?
From: Burton M. Strauss III (bstrauss3@attbi.com)Date: 08/16/02
- Previous message: Stephen Marriott: "Re: Odd problem: thoughts..."
- In reply to: McLaughlin, Bryan: "RE: Wirless Bleeding - How to stop it?"
- Next in thread: Shaolin Tiger: "RE: Wirless Bleeding - How to stop it? - Thanks to everyone!"
- Next in thread: Noah Salzman: "Re: Wirless Bleeding - How to stop it?"
- Reply: Shaolin Tiger: "RE: Wirless Bleeding - How to stop it? - Thanks to everyone!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Burton M. Strauss III" <bstrauss3@attbi.com> To: <security-basics@securityfocus.com> Date: Fri, 16 Aug 2002 10:53:44 -0500
All good ideas.
The other thing to do is to set the AP to only permit specific MAC addresses
to connect to it. That feature is now available even on the inexpensive
ones (most - check the specs).
This means then, that only somebody who listens to your traffic (say when
you're at home), then spoofs the MAC address - will be able to get it.
As Bryan says, at that point, most people just move on to the next target
(or break a window and STEAL the dang thing).
-----Burton
-----Original Message-----
From: McLaughlin, Bryan [mailto:bsm14096@ad.creighton.edu]
Sent: Thursday, August 15, 2002 4:39 PM
To: Shaolin Tiger; security-basics@securityfocus.com
Subject: RE: Wirless Bleeding - How to stop it?
Shaolin,
Some access points allow you to set a transmission speed. If you can
set your AP to transmit at only 11mbs (only allow stations to associate
at 11mbs) this will only allow connections close to the AP, limiting the
effective signal distance.
If you cannot limit the transmission speed I would change the SSID to
something obscure, turn off the SSID broadcast, and implement WEP. By
changing the default SSID and turning off the broadcast you will limit
access to those who know you have a wireless AP and those who are
determined to hitch a ride. If you are still concerned you can change
your WEP key regularly.
Unprotected APs are so common that most people will not bother trying to
sniff your SSID and move to an easier target.
If you are running WinXP on the Clients you can also implement 802.1x
authentication using one of the supported EAP varieties.
If you are concerned about a neighbor hitching a ride for free you can
always offer them cheap wireless broadband access by charging them for
the WEP keys (probably against you broadband provider's covenants and
possibly illegal in some areas).
Bryan
-----Original Message-----
From: Shaolin Tiger [mailto:shaolin@shaolin-tiger.com]
Sent: Wednesday, August 14, 2002 10:26 AM
To: security-basics@securityfocus.com
Subject: Wirless Bleeding - How to stop it?
I have a wireless access point (very cheap) that I can't limit the
signal
strength via the software.
The AP is already located in the basement which helps somewhat. I'm
bleeding
(2.4 GHz) out about 2 homes in each direction now. What can I do to keep
the
signal radius within 20 yards or so of my home at low or no cost?
Thx
Shaolin
.: http://www.security-forums.com :.
Share your knowledge.
It's a way to achieve
Immortality.
- Previous message: Stephen Marriott: "Re: Odd problem: thoughts..."
- In reply to: McLaughlin, Bryan: "RE: Wirless Bleeding - How to stop it?"
- Next in thread: Shaolin Tiger: "RE: Wirless Bleeding - How to stop it? - Thanks to everyone!"
- Next in thread: Noah Salzman: "Re: Wirless Bleeding - How to stop it?"
- Reply: Shaolin Tiger: "RE: Wirless Bleeding - How to stop it? - Thanks to everyone!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
