D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] re homeplugs - VIP

 

On Fri, 22 Aug 2008 15:06:55 +0100, "Robin Cornelius" wrote:
> On Fri, Aug 22, 2008 at 2:11 PM, kevin <kevin.lucas@xxxxxxxxxxxxxxxxxx>
> wrote:
> 
>>> You could keep your existing network and apply ipsec encryption to it
>>> but this would require a router that can do ipsec or using a computer
>>> as a router which can easily have ipsec enabled etc.
>>>
>>> Robin
>>>
>> I just use the mac address filter
>> so only hardware I know about can  get on!
> 
> Maybe you would like me to demonstrate an ARP Spoof attack where i
> redirect all your traffic through my laptop and sniff your passwords
> and watch what websites you are visiting in real time. This is very
> very easy.
> 
> And as i can see packets wining around the network i can get your mac
> addresses and its trival on some hardware to change the mac address
> anyway so i can just spoof your one and bang i'm in your network.
> 
> Mac address filters are mostly worthless don't rely on them for any
> real security.
> 
> Robin

However, the "attacker" does need to know how to do this.

I personally only have my home WiFi "secured" through MAC address filtering
- sure, it's totally insecure from a security point of view, but if
someone's going to be hacking into my wireless network, I'll see them
(physically) and I might as well invite them in, give 'em a cup of tea and
convert them to running Linux. :)

Grant.


-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html