RE: RE: Wireless Security (Part 2)

Sorry Mike, I don't understand whether you're agreeing with me or
disagreeing with me here. Are you saying that I was suggesting that Herman
SHOULDN'T investigate? I wasn't saying that and I apologies if I wasn't
clear. I was saying that securing is as important as monitoring.

What does this mean?
It is reasons like yours that democracy exists.
As for being 'responsible' for someone who has tapped your connection there
have been cases which leant in both directions as to the legal outcome. I
don't have the link to the story but the Register did run a story about a
guy who was cleared of child pr0n charges as he
he had spyware on his machine. That downloaded some dialer I believe which
downloaded stuff he had no idea about. Forensics helped in this case.
Obviously if one could show that there had been some tapping then that would
count in one's favour if a charge did arise.
I don't actually remember telling Herman he couldn't check to see who it was
and even work out where he was if he had the right tools. I do remember
saying that he can't access the intruder's computer by law. As Craig pointed
out, two wrongs and all that. If someone breaks into my house I can't break
into their house for revenge or to find evidence.
I don't remember suggesting that he shouldn't 'cut him off' (the intruder).
In fact by suggesting WPA as a conf/authentication mechanism I think that
was exactly what I was doing.
Your suggestion about weakening the signal strength is a good start and no,
I don't think you're being paranoid.





Regards
Murad Talukdar

-----Original Message-----
From: mikem@xxxxxxxxxxx [mailto:mikem@xxxxxxxxxxx]
Sent: Thursday, May 18, 2006 5:08 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: RE: Wireless Security (Part 2)

Murad Talukdar -

It is reasons like yours that democracy exists.
It is your right in the USA (if so you live here) and several other
countries to evaluate anything you want on any system attaching to something
you own. (I am not very knowledgeable about other countries IT policies.)
I feel as the owner of any network system that one must take it upon
themselves to monitor/maintain/evaluate your network constantly for possible
threats or rogue devices. If the proper steps are taken to ensure proper
client registration/authentication/verification then all unknown devices
should be identified in any way possible to prevent unauthorized/malicious
content. If your wireless is seeing too many users try reducing your signal
strength, and if it is for a neighbors benefit I suggest cutting them off.
As security moves forward it is a matter of time before "IP tapping" begins
(It already is beginning for some of you I know). With that said every time
you call tech support and give them your name, address or even in some cases
your SS# they place that information in to a database that accesses all
information they need to identify you and the hardware they installed or you
registered at your house. Somewhere in your agreement you signed (digitally
or physical) it states you are responsible for anything connected to the
device. So I ask you, is it still an issue to find out who is using your
internet access at all times? What would happen if your guest grabbed some
child pornography, yes you would have some definite issues that is for
certain. Or with the laws on "National Security" you have someone jump on
your network, download plans for a nuclear attack all the while spoofing
your machine just because they need to hide. It is not very hard and could
happen more than you o
r I would want to know. Now I know this might sound paranoid or obsessive
compulsive but what happens when you get raided and they take everything and
scare the hell out of your family/friends. No they don't give you your stuff
back and you might get off without any issues. That is if you can prove you
don't know who is on your system.
Please do what you can to secure your information; convenience is not always
a good thing!

Relevant Pages

  • Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?
    ... >> of measurable security benefit. ... > manage a network which was formed years before UPnP was invented. ... is trustworthy and what makes it one way or another. ... I could try and preempt the entire discussion by saying unless you've ...
    (Firewall-Wizards)
  • Re: Bold numbers in ordered lists
    ... Yes it is OK in the special sense, but does that make it OK? ... I am not suggesting anyone should call an ol a table or a specially ... list whenever an author feels like it for no particular good reason. ... You are basically saying I am completely wrong about the most crucial ...
    (comp.infosystems.www.authoring.stylesheets)
  • RE: IDS vs. IPS deployment feedback
    ... While I can appreciate what you are saying, ... IDS vs. IPS deployment feedback ... An IPS must be part of a larger security ... and is for the sole use of the intended recipient. ...
    (Focus-IDS)
  • Re: Macros, not enabling them or disabling them but stopping the warning message.
    ... I am not saying that. ... greatest as of late - suggesting that the help facilities of the ... I apologize for my harsh tone, and perhaps now that I have had a bit to ...
    (microsoft.public.windowsxp.general)
  • Re: Reset root password
    ... >> from different departments) saying they don't care for security at all. ... it could be time for an IT manager to have a talk with the ... If it's not for some reason (admin left the ...
    (comp.os.linux.security)