Wireless Security
[WARNING - NOT VIRUS SCANNED]Robin's Pandora's Box - AKA: The Bruce doesn't secure his Wi-Fi comment... Jun 18 2008 01:30PM
Seth Fogie (seth fogieonline com)
The following is an attempt to save the members of this list from some
20+ responses to Robin's email. While interesting, I doubt everyone
wants to get slammed with so many replies. The responses are
inline...obvious insults and flames were removed. Please reply directly
to the sender, or keep the comments somewhat relative :)

Robin's original email:
Subject:
Bruce doesn't secure his wireless
From:
"Robin Wood" <dninja (at) gmail (dot) com [email concealed]>
Date:
Tue, 17 Jun 2008 22:54:24 +0100
To:
"wifisec (at) securityfocus (dot) com [email concealed]" <wifisec (at) securityfocus (dot) com [email concealed]>

Hi
Does anyone else feel confident enough about their home network
security to run an unprotected wireless network like Bruce Schneier ?

http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110

I can see his argument but I'm still going to keep mine secured.

Robin

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"Thomas Jaynes" <thomas.jaynes (at) gmail (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 00:03:22 -0400
To:
"The Dark Sniper" <thedarksniper (at) gmail (dot) com [email concealed]>
CC:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

Bruce "Mother Fuckin" Schneier does not use default passwords. If you
did that to his router, he comes home, realizes there's a script
kiddie in the neighborhood, resets his router, then rapes your data.
Cause you sure as shit are not going to get into his computer(s).

http://geekz.co.uk/schneierfacts/

"If I configure my computer to be secure regardless of the network
it's on, then it simply doesn't matter."

If you're worried about your data, you shouldn't be using wireless in
the first place. Knowing your data is ONLY going across a cable on the
floor should be the only thing that lets you sleep at night. WPA is
brute forceable under what? 23 characters in the key? With this, and a
secure competent router, you should be able to leave the wifi in it's
own and set up another block for your personal wired use.

On Tue, Jun 17, 2008 at 10:40 PM, The Dark Sniper
<thedarksniper (at) gmail (dot) com [email concealed]> wrote:

> > And what do you suppose might happen if I take my laptop, connect
to his
> > network, type in 192.168.1.1 (or do a host scan and look for a dhcp
server)
> > login useing the default router password ( a quick google search),
enable
> > WPA TKIP, add a password and enable MAC address filtering so only
my laptop
> > could use it? What happens then
> >
> > And just think ... I'm only 17 years old LOL
> >
> > -Tommy
> >
> > Sent from my iPod
> >
> > On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
> >
>
>> >> Hi
>> >> Does anyone else feel confident enough about their home network
>> >> security to run an unprotected wireless network like Bruce Schneier ?
>> >>
>> >>
>> >>
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110
>> >>
>> >> I can see his argument but I'm still going to keep mine secured.
>> >>
>> >> Robin
>>
> >
>

--
Your obedient servant,
Thomas Jaynes(tj)
Ron Paul 2008
http://www.ronpaul2008.com/
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." - Benjamin Franklin (1706
- 1790), Historical Review of Pennsylvania, 1759

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"Andrew Becherer" <andrew (at) becherer (dot) org [email concealed]>
Date:
Tue, 17 Jun 2008 21:05:00 -0700
To:
"The Dark Sniper" <thedarksniper (at) gmail (dot) com [email concealed]>
CC:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

On Tue, Jun 17, 2008 at 7:40 PM, The Dark Sniper
<thedarksniper (at) gmail (dot) com [email concealed]> wrote:
> > And what do you suppose might happen if I take my laptop, connect
to his
> > network, type in 192.168.1.1

Regardless of whether or not Bruce has changed the default password on
his router, it appears Bruce believes it is unlikely anyone will sit
outside of his house and do anything malicious. Check out a few of his
recent books (or his blog) to understand his thoughts on assessing
risk.

On a side note I believe routers with default passwords are more at
risk for remote CSRF attacks than local attacks.

--

************************************************************************
*****************
Subject:
Re: Bruce doesn't secure his wireless
From:
"Kurt Buff" <kurt.buff (at) gmail (dot) com [email concealed]>
Date:
Tue, 17 Jun 2008 21:09:26 -0700
To:
"The Dark Sniper" <thedarksniper (at) gmail (dot) com [email concealed]>
CC:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

Oh, I'll bet he's put Administrative passwords on his equipment -
that's basic security, and he's definitely not stupid.

He just doesn't care much if you leach a bit of his bandwidth, and
believes that leaving it open like that is less legally risky. See
paragraph four for that.

On Tue, Jun 17, 2008 at 7:40 PM, The Dark Sniper
<thedarksniper (at) gmail (dot) com [email concealed]> wrote:
> > And what do you suppose might happen if I take my laptop, connect
to his
> > network, type in 192.168.1.1 (or do a host scan and look for a dhcp
server)
> > login useing the default router password ( a quick google search),
enable
> > WPA TKIP, add a password and enable MAC address filtering so only
my laptop
> > could use it? What happens then
> >
> > And just think ... I'm only 17 years old LOL
> >
> > -Tommy
> >
> > Sent from my iPod
> >
> > On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
> >
>> >> Hi
>> >> Does anyone else feel confident enough about their home network
>> >> security to run an unprotected wireless network like Bruce Schneier ?
>> >>
>> >>
>> >>
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110
>> >>
>> >> I can see his argument but I'm still going to keep mine secured.
>> >>
>> >> Robin
> >

Andrew

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
Terrence <secretpackets (at) gmail (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 00:36:32 -0400
To:
"wifisec (at) securityfocus (dot) com [email concealed]" <wifisec (at) securityfocus (dot) com [email concealed]>

You are missing the point. He is just saying there is more of a need
for functionality than security.

Also, doing that would just make you an ass.

-tuna

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
Orlin Gueorguiev <orlin (at) baturov (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 06:46:40 +0200
To:
wifisec (at) securityfocus (dot) com [email concealed]

He will reset his router configuration. I'm not 17 years old LOL! Don't
forget young Skywaker, that whenever you have physical access to a
maschine,
there is always a way to hack it!

btw nobody said he has left the password unchanged
btw2 why scanning for dhcp? It works on the broadcast (255.55.255.255)
so the
dhcp will automaticly reply!
btw3 watch southpark! it rocks!

And the point is that if you live in a quiet zone, where only you can
connect
to your wireless, than it might work. But if you live in an urbanized area,
where other 30 people can "hear" your wireless from their homes, then you
might think that some of Schneider's arguments are quite unrealistic.
Especially when all of those people are students. You can say goodbye to
your
bandwidth and expect some (illegal) bittorrent activity. Still not all
students are hackers and thus you might have luck with having your data not
stolen.

Anyway I still feal that most of Schneider's arguments are: "I was never
burned by the fire and thus I don't belive that I will ever be."

Cheers

?? Wednesday 18 June 2008 04:40:46 The Dark Sniper ??????:
> > And what do you suppose might happen if I take my laptop, connect to
> > his network, type in 192.168.1.1 (or do a host scan and look for a
> > dhcp server) login useing the default router password ( a quick google
> > search), enable WPA TKIP, add a password and enable MAC address
> > filtering so only my laptop could use it? What happens then
> >
> > And just think ... I'm only 17 years old LOL
> >
> > -Tommy
> >
> > Sent from my iPod
> >
> > On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
>> > > Hi
>> > > Does anyone else feel confident enough about their home network
>> > > security to run an unprotected wireless network like Bruce
Schneier ?
>> > >
>> > >
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1
>> > >/securitymatters_0110
>> > >
>> > > I can see his argument but I'm still going to keep mine secured.
>> > >
>> > > Robin

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"Tom Le" <dottom (at) gmail (dot) com [email concealed]>
Date:
Tue, 17 Jun 2008 22:17:33 -0700
To:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

> > And what do you suppose might happen if I take my laptop,
> > connect to his network, type in 192.168.1.1 (or do a host
> > scan and look for a dhcp server) login useing the default
> > router password ( a quick google search), enable WPA TKIP,
> > add a password and enable MAC address filtering so only
> > my laptop could use it? What happens then

You wouldn't get past the AP. Bruce is running an open network (one
of 5 in his wifi range) but he *isn't* running the default router
config with default password and off-the-shelf firmware.

So you can try a brute force password attack against the router's
admin login page. Good luck with that.

So you can sniff wifi traffic after associating to the AP since it is
open. What's the big deal? You can go to any hotspot, hotel or
airport and sniff all day long.

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"Mario Spinthiras" <mspinthiras (at) gmail (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 09:20:09 +0300
To:
"The Dark Sniper" <thedarksniper (at) gmail (dot) com [email concealed]>
CC:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

I bet you he starts heavy IPSEC session outside that network to avoid
MITM :) . I know I would if I wanted to brag about how open my network
at home is (and it's not).

--
Warm Regards,
Mario A. Spinthiras

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"Charalambous Glafkos - InfoSEC \(.org.uk\)" <glafkos (at) infosec.org (dot) uk [email concealed]>
Date:
Wed, 18 Jun 2008 09:27:37 +0300
To:
"Sec" <wifisec (at) securityfocus (dot) com [email concealed]>

Hello,

Nothing would really happen as he can reset his router easily and secondly
he supposed to have wireless open for everybody so everybody would be on his
network which doesnt mean necessary he is using the default router password
and YES nobody would be secure on his network as it is not safe for him or
anyone else connected.

I leave the remaining blackhat thoughts to your imagination.

Doesnt mean that by using mac filtering and some kind of wireless protection
(wep, wpa, wpa2 etc.) you are totally secure as there are ways to overcome
that but better secured than nothing.

Best Regards,

Charalambous Glafkos ( nowayout )

__________________________________________

ASTALAVISTA - the hacking & security community

www.astalavista.com

www.astalavista.net

----- Original Message -----
From: "The Dark Sniper" <thedarksniper (at) gmail (dot) com [email concealed]>

To: "Sec" <wifisec (at) securityfocus (dot) com [email concealed]>

Sent: Wednesday, June 18, 2008 5:40 AM

Subject: Re: Bruce doesn't secure his wireless

> And what do you suppose might happen if I take my laptop, connect to his
> network, type in 192.168.1.1 (or do a host scan and look for a dhcp
> server) login useing the default router password ( a quick google
> search), enable WPA TKIP, add a password and enable MAC address filtering
> so only my laptop could use it? What happens then
>
>
>
> And just think ... I'm only 17 years old LOL
>
>
>
> -Tommy
>
>
>
> Sent from my iPod
>
>
>
> On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
>
>
>
>> Hi
>>
>> Does anyone else feel confident enough about their home network
>>
>> security to run an unprotected wireless network like Bruce Schneier ?
>>
>>
>>
>>
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110
>>
>>
>>
>> I can see his argument but I'm still going to keep mine secured.
>>
>>
>>
>> Robin
>>
>
>
>
>

Blog: http://www.spinthiras.net
Mail: mspinthiras (at) gmail (dot) com [email concealed]
Skype: smario125

Tom

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
Paolo Supino <paolo (at) supino (dot) org [email concealed]>
Date:
Wed, 18 Jun 2008 09:59:30 +0300
To:
Robin Wood <dninja (at) gmail (dot) com [email concealed]>
CC:
"wifisec (at) securityfocus (dot) com [email concealed]" <wifisec (at) securityfocus (dot) com [email concealed]>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Hi

~ I don't secure my wireless network (you're welcome to use it :-)

seriously you are!!!). Everything that needs to be secured is already

secured on my laptop. I pay a minimal flat fee and it doesn't make a

difference how much I use (I mostly don't, because I'm barely at home,

and when I am, I'm busy doing other things) it. I started this practice

before I read his article and I don't think I'll change it any time

soon. His argument (BTW) is a few months old.

- --

ttyl

Paolo

Robin Wood wrote:

| Hi

| Does anyone else feel confident enough about their home network

| security to run an unprotected wireless network like Bruce Schneier ?

|

|

http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110

|

| I can see his argument but I'm still going to keep mine secured.

|

| Robin

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.8 (Darwin)

Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhYslIACgkQRrCnED/jZ/ijGACfWDrKzZUarXvEuRAJnVg+8Q7S

fBgAnA+4P6rX0hv9/frhxuOA460oxlzR

=jA8W

-----END PGP SIGNATURE-----

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
Blaine Fleming <groups (at) digital-z (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 01:00:29 -0600
To:
wifisec (at) securityfocus (dot) com [email concealed]

The Dark Sniper wrote:

> And what do you suppose might happen if I take my laptop, connect to
> his network, type in 192.168.1.1 (or do a host scan and look for a
> dhcp server) login useing the default router password ( a quick google
> search), enable WPA TKIP, add a password and enable MAC address
> filtering so only my laptop could use it? What happens then
>

1. Why do you need to run a host scan to find the DHCP server? If you
receive an IP then your computer already knows the server that handed it
out. Actively searching for it is too much work.

2. Just because there is no authentication on the wireless doesn't mean
that the router itself doesn't have a password or is set to the default
password.

3. If you do manage to login and change something then all he has to do
is push a button to reset it as he has control of the physical hardware
and you don't.

I run several wireless networks for several public hotspots and not once
has anyone compromised the security of the devices. Of course, users
are on their own when it comes to securing their devices. The systems
that I have attached to the open wireless have had several attempts to
gain access but nobody has had success.

The moral of this story folks is that open doesn't mean insecure.

--Blaine

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
Paolo Supino <paolo (at) supino (dot) org [email concealed]>
Date:
Wed, 18 Jun 2008 10:06:38 +0300
To:
The Dark Sniper <thedarksniper (at) gmail (dot) com [email concealed]>
CC:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Hi Tommy

~ I'm sure that he has easy access to the reset button on the access

point to reset it to factory settings, 30 seconds later and he'll be

back in working order and you my friend would have spent 30 minutes for

nothing. What would happen then? Would you go through the whole process

again, and again, and again. Every time he resets the access point just

to prove a point? I'm sure you'll give up after the 3rd or 4th time.

Because for you it takes a bit of effort to do it. For him it takes a

pencil ... No offense intended: your post shows that you're only 17 ;-)

- --

ttyl

Paolo

The Dark Sniper wrote:

| And what do you suppose might happen if I take my laptop, connect to his

| network, type in 192.168.1.1 (or do a host scan and look for a dhcp

| server) login useing the default router password ( a quick google

| search), enable WPA TKIP, add a password and enable MAC address

| filtering so only my laptop could use it? What happens then

|

| And just think ... I'm only 17 years old LOL

|

| -Tommy

|

| Sent from my iPod

|

| On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:

|

|> Hi

|> Does anyone else feel confident enough about their home network

|> security to run an unprotected wireless network like Bruce Schneier ?

|>

|>

http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110

|>

|>

|> I can see his argument but I'm still going to keep mine secured.

|>

|> Robin

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.8 (Darwin)

Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEUEARECAAYFAkhYs/4ACgkQRrCnED/jZ/gHtQCY2opAsz/6vCLBWSHohUlFpAR6

gwCghtC6znjWc+j9tmL2lm3LkBqKXrg=

=4iT1

-----END PGP SIGNATURE-----

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
Jason Hunter <jason.hunter (at) gmx (dot) at [email concealed]>
Date:
Wed, 18 Jun 2008 09:15:11 +0200
To:
wifisec (at) securityfocus (dot) com [email concealed]

Before google-ing Bruce Schneier's default router password, try
google-ing "Bruce Schneier" and rethink if he is really using such a
password!

Consider:
> > 09 f9 11 02 9d 74 e3 5b d8 41 56 c5 63 56 88 c0 is the
> > combination on Bruce's suitcase

(from http://geekz.co.uk/schneierfacts/fact/ in case someone hasn't seen it
yet)

Clemens

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
Tyler Whittaker <tyler (at) as220 (dot) org [email concealed]>
Date:
Wed, 18 Jun 2008 04:15:50 -0400
To:
wifisec (at) securityfocus (dot) com [email concealed]

I suspect that Schneier doesn't leave the default password on his access
point. Even if you did manage to get in and enable WPA and MAC address
filtering (and turn on some firewall rules to block wired clients,
because these steps alone don't affect wired clients), every AP I've
ever worked with has a fairly simple way to reset it to factory defaults
(usually something like holding down the reset button and cycling
power). He even links to a page suggesting his possible response to
"some neighbor kid was dinking around" --
http://www.ex-parrot.com/~pete/upside-down-ternet.html

-Tyler

On Tue, Jun 17, 2008 at 10:40:46PM -0400, The Dark Sniper wrote:
> > And what do you suppose might happen if I take my laptop, connect
to his
> > network, type in 192.168.1.1 (or do a host scan and look for a dhcp
server)
> > login useing the default router password ( a quick google search),
enable
> > WPA TKIP, add a password and enable MAC address filtering so only
my laptop
> > could use it? What happens then
> >
> > And just think ... I'm only 17 years old LOL
> >
> > -Tommy
> >
> > Sent from my iPod
> >
> > On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
> >
>> >> Hi
>> >> Does anyone else feel confident enough about their home network
>> >> security to run an unprotected wireless network like Bruce Schneier ?
>> >>
>> >>
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110
>> >>
>> >> I can see his argument but I'm still going to keep mine secured.
>> >>
>> >> Robin

--
Tyler Whittaker
AS220 Labs Collaborator

************************************************************************
*****************

Subject:
Re: Re: Bruce doesn't secure his wireless
From:
jason.hunter (at) gmx (dot) at [email concealed]
Date:
18 Jun 2008 08:13:44 -0000
To:
wifisec (at) securityfocus (dot) com [email concealed]

Before google-ing Bruce Schneier's default router password, try
google-ing "Bruce Schneier" and rethink if he is really using such a
password!

Consider:
> > 09 f9 11 02 9d 74 e3 5b d8 41 56 c5 63 56
> > 88 c0 is the combination on Bruce's suitcase

(from http://geekz.co.uk/schneierfacts/fact/ in case someone hasn't seen it
yet)

Clemens

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"Jamie Riden" <jamie.riden (at) gmail (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 10:47:48 +0100
To:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

2008/6/18 The Dark Sniper <thedarksniper (at) gmail (dot) com [email concealed]>:
> > And what do you suppose might happen if I take my laptop, connect
to his
> > network, type in 192.168.1.1 (or do a host scan and look for a dhcp
server)
> > login useing the default router password

Er, can we assume for the moment that Bruce Schneier has changed the
default password on his router?

"And if my computer isn't secure on a public network, securing my own
network isn't going to reduce my risk very much. "

Exactly. I've run several Linux boxes on the Internet without
firewalls, because I closed off all the open ports and made sure they
were patched up to date. Works fine, just have to remember you're
working with no safety net. But then, I've seen plenty of muck-ups
with hardware firewalls. Which were probably because people assumed
the hw firewall would protect them and didn't pay so much attention to
host security.

If your systems are locked down, you don't need to worry about the
audience. If they're insecure, you have to worry, even if you have a
restricted audience.

Just my 2 cents,

cheers,
Jamie
--

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"oh oh" <chadchawan (at) gmail (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 16:54:13 +0700
To:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

Just tell him

************************************************************************
*****************

Subject:
Re: Bruce doesn't secure his wireless
From:
"Ivan ." <ivanhec (at) gmail (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 20:21:40 +1000
To:
"The Dark Sniper" <thedarksniper (at) gmail (dot) com [email concealed]>
CC:
Sec <wifisec (at) securityfocus (dot) com [email concealed]>

> >login useing the default router password ( a quick google search)

I doubt that Bruce would leave his router with a default password!

> > And just think ... I'm only 17 years old LOL
You need to read more from Bruce
http://www.counterpane.com/crypto-gram.html

On Wed, Jun 18, 2008 at 12:40 PM, The Dark Sniper
<thedarksniper (at) gmail (dot) com [email concealed]> wrote:
> >
> > And what do you suppose might happen if I take my laptop, connect
to his network, type in 192.168.1.1 (or do a host scan and look for a
dhcp server) login useing the default router password ( a quick google
search), enable WPA TKIP, add a password and enable MAC address
filtering so only my laptop could use it? What happens then
> >
> > And just think ... I'm only 17 years old LOL
> >
> > -Tommy
> >
> > Sent from my iPod
> >
> > On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
> >
>> >> Hi
>> >> Does anyone else feel confident enough about their home network
>> >> security to run an unprotected wireless network like Bruce Schneier ?
>> >>
>> >>
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110
>> >>
>> >> I can see his argument but I'm still going to keep mine secured.
>> >>
>> >> Robin
On 6/18/08, The Dark Sniper <thedarksniper (at) gmail (dot) com [email concealed]> wrote:
> > And what do you suppose might happen if I take my laptop, connect to
> > his network, type in 192.168.1.1 (or do a host scan and look for a
> > dhcp server) login useing the default router password ( a quick google
> > search), enable WPA TKIP, add a password and enable MAC address
> > filtering so only my laptop could use it? What happens then
> >
> > And just think ... I'm only 17 years old LOL
> >
> > -Tommy
> >
> > Sent from my iPod
> >
> > On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
> >
>> >> Hi
>> >> Does anyone else feel confident enough about their home network
>> >> security to run an unprotected wireless network like Bruce Schneier ?
>> >>
>> >>
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1/securitymatters_0110
>> >>
>> >> I can see his argument but I'm still going to keep mine secured.
>> >>
>> >> Robin
> >

Jamie Riden / jamesr (at) europe (dot) com [email concealed] / jamie (at) honeynet.org (dot) uk [email concealed]
UK Honeynet Project: http://www.ukhoneynet.org/

BTW: Sorry in case of a double post, my ML subscription is messed up
somehow !?

email: tyler (at) as220 (dot) org [email concealed]
PGP Key ID: 0xB7AF35DF

On Wednesday 18 June 2008 04:40:46 The Dark Sniper wrote:
> > And what do you suppose might happen if I take my laptop, connect to
> > his network, type in 192.168.1.1 (or do a host scan and look for a
> > dhcp server) login useing the default router password ( a quick google
> > search), enable WPA TKIP, add a password and enable MAC address
> > filtering so only my laptop could use it? What happens then
> >
> > And just think ... I'm only 17 years old LOL
> >
> > -Tommy
> >
> > Sent from my iPod
> >
> > On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:
>> > > Hi
>> > > Does anyone else feel confident enough about their home network
>> > > security to run an unprotected wireless network like Bruce
Schneier ?
>> > >
>> > >
http://www.wired.com/politics/security/commentary/securitymatters/2008/0
1
>> > >/securitymatters_0110
>> > >
>> > > I can see his argument but I'm still going to keep mine secured.
>> > >
>> > > Robin

************************************************************************
*****************

Subject:
RE: Bruce doesn't secure his wireless
From:
"David Maynor" <dave (at) erratasec (dot) com [email concealed]>
Date:
Wed, 18 Jun 2008 08:38:13 -0400
To:
"The Dark Sniper" <thedarksniper (at) gmail (dot) com [email concealed]>, "Sec"
<wifisec (at) securityfocus (dot) com [email concealed]>

He does a hardware rest and all is better.

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
On Behalf Of The Dark Sniper
Sent: Tuesday, June 17, 2008 10:41 PM
To: Sec
Subject: Re: Bruce doesn't secure his wireless

And what do you suppose might happen if I take my laptop, connect to
his network, type in 192.168.1.1 (or do a host scan and look for a
dhcp server) login useing the default router password ( a quick google
search), enable WPA TKIP, add a password and enable MAC address
filtering so only my laptop could use it? What happens then

And just think ... I'm only 17 years old LOL

-Tommy

Sent from my iPod

On Jun 17, 2008, at 5:54 PM, "Robin Wood" <dninja (at) gmail (dot) com [email concealed]> wrote:

> > Hi
> > Does anyone else feel confident enough about their home network
> > security to run an unprotected wireless network like Bruce Schneier ?
> >
> >
http://www.wired.com/politics/security/commentary/securitymatters/2008/0

1/securitymatters_0110
> >
> > I can see his argument but I'm still going to keep mine secured.
> >
> > Robin

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus