D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] re homeplugs - VIP

 

On Sat, 23 Aug 2008 07:27:12 +0100, "Steph Foster" wrote:
> <quote>
> However, the "attacker" does need to know how to do this.
> ...........
>  I'll see them (physically) and I might as well invite them in, give
> 'em a cup of tea and
> convert them to running Linux. :)
> </quote>
> 
> Sorry Grant
> 
> I have to pop my head above the barricade and let fly with a few dozen
> rounds
> 
> Most serious and some less serious hackers are already attuned to Linux
> 
> Backtrack v3.0 is a Linux distro packed with hacking/penetration test
> tools on a Live CD.
> 
> As for knowing how to do it there are dozens of how-to's and forums
> dotted around with spoon fed instructions.
> 
> You can even get directional mini Yagis with sma connectors for
> wireless cards at Trago now !
> 
> As serious users we need to get people to wise up to the facts that
> WEP & WPA1 are insecure,
> 
> I could run a disassociation flood attack to your access point and
> then capture your three way handshake (WPA)
> 
> One simple brute force attack later and I'm inside your lan.
> 
> WEP is even easier still.
> 
> MAC filtering does bugger all as Backtrack has a nice little app
> called macchanger
> 
> Combine that with aircrack-pwn and a chop-chop attack and I'm knocking
> on your door for that cuppa.
> 
> 
> Two sugars please and do you have any biccies ?

Hi Steph,

Point taken about the fact that most crackers are already atuned to Linux.

My point still stands though.  This is the Devon & Cornwall LUG.  Sure, we
have our fair share of towns and a smattering of cities, but a rather large
portion of the computer using populating in D&C live in pretty rural
areas... hence my remark about being able to physically see my would-be
attacker and invite them in for a cuppa.

Sure, people should be more security minded - but let us not forget that
physical location of equipment is also a consideration.  I do not think
that a would-be attacker would necessarily be arsed to drive out to the
middle of beeping nowhere to hijack an insecure network.

I'll be sticking with my MAC address filtering for the time being. :)

Grant.


-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html