So, who is going to pay for the defense lessons, the body guards you suggest? OR are you assuming just everyone can afford to pay for these and/or has time to learn just to meet what you think they should do?
Depends on who you are. There are pleanty who would purposely crack the WEP and MAC filtered one just to show how unsecure it is. Out of the box is no challenge.
WPA.. now that is a different story. Especially combined with MAC filtering, no ssid broadcast, change the defaults, change channels to reduce the signal strenth, disabling dhcp, etc.. That is the one to use to make it "more" secure.
The whole point of the article anyway was to show that people realize how insecure wireless.
MAC filtering - it is easier to spoof a MAC than using Wepcrack to crack wep... its just s key change in teh regiatry or ifconfig in linux. And when reading packets, its not hard to find the MAC address to spoof or the ip scheme used..
Thank you! If people did not already have it in their mind that wireless was NOT secure... then it would not be as secure as they "thought" it was... hence they think it is not secure and they are right, it is NOT... being where they get it is as secure as they think it is. (love that play on words! .. its like trying to figure out triple and quardruple negatives with fuzzy logic)
(For the most part that is.. I have to agree there ARE ways to lock it down good and have it MORE secure than most believe it is(n't), but it will never have the security that wired does.)
Don't forget turn off DHCP and also change the channels. With different channels having different strengths, a lot of people overlook the fact that you want the wireless to be in the range of where
you are, but not past it.
Also.. I have seen countless number of people take those precautions BUT not change the default settings for the SSID and password <shakes her head>
As for if you have to use WEP.. unfortunately a lot of people still do. Netgear, Linksys, D-Link and others who did not have WPA on their firmware (or compatibility on the NIC) a few years ago...
There are still people running the same WAPS. Heck there are still some that don't even care if it is unsecured.. and do not understand why.
I had to do demonstrations to teach how to install wireless a couple of years ago.. and I also did many installs.
Some may call it cheesy, but I made a flash video of some of it one night when I was bored.
What do they mean by probing? Port scanning ? OS detection? Doing a whois or a dnslookup on the hostname? None of these are illegal or contribute unauthorized access to a system. Neither does using Lynx.
Port scanning is seeing if a port is open on a server. It is not illegal. All it does is send a packet to a port to see if the port responds or not. It is a very legitimate tool used by network admins. When you open a web browser, you are sending packets to port 80 on a webserver. If it responds, you know the port is open. You can test other ports the same way or with a tool that tests all. It can be known as a precursor for an attack by script kiddies, but nothing about it is illegal.
OS detection is just getting a fingerprint of a computer to see what operating system it is runining. Nothing illegal about that.
Doing a whois on a domian to see who owns it is redily availbe from arin.net. That is public information. What would be agaist policy is if someone lied on the domain registration, but not looking at the information to see who owns the site. That is what it is there for. The DNS ifo is there as well.
Lynx is a text based web browser. It is very popular and much faster to view websites via lynx. All it displays are content and links of a site. You can move from one page to another much faster because you do not have to wait for grpahics to load up. It is a standard browser availabe on most *nix boxes.
Would someone please enlighten me on what is "illegal" about any of that? Now if he tried to brute force his way into the websites ftp and was successful and replaced files, or gained ENTRY to the computer or server.. I could see it being illegal.
"Probing" a computer is not illegal. That is also a broad defination. What is illegal is gaining entry to one and altering or viewing content not meant to be seen.
They act like the SIMS2 nude patch is new. That is at least 3 years old and was present from the get go in the original SIMS game. If parents don't want their kids playing these games, the PARENTS need to be PARENTS and not let the kids play the game.
Stuff like this will always be out there. Why blame the video game for the lack of parenting. Are these people using video games as babysitters ? deja vu! Wasn't that the issue about tv years ago? Don't blame the video game for the lack of parenting skills - isntead maybe parents need to be parents again instead of finding something else to blame for what he/she could have prevented by spending time with the kid and actually being a parent instead of whining about the video game the kid plays.
Techdirt has not posted any stories submitted by aleeya.net.