On Jan 13, 2006, at 11:09 AM, Amber R. wrote:
I told her that I had no interest in this arrangement at all as it
is obviously illegal and I am also concerned about the security of
my files. She has shown up a couple of times at my door since
then saying that her brother is a network analyst and would ensure
the cable company would never know about her surfing on my
connection and said all he would need is my WEP password to access
it. Their persistence is not only getting annoying, but concerning
as well.
There's no way (IMO) that he could guarantee this; anything he puts
on will have to have a separate MAC address, so that packets get
routed back to his CPU and not yours. The MAC address gets tracked,
ISPs can tell how many CPUs are using a given connection if they wish
to bother. Will the cable company ever know that one wireless CPU is
in your house and one is next door, connecting thru the same router?
Not unless they come in and physically see what CPU is physically not
in your house.
Currently, I have turned the router off and just have the cable
modem going directly into the PB but this is really an
inconvenience to me as the whole idea of buying the router was so
that I could use my PB anywhere in my place.
I would really like to know if there are any measures I can take
to protect my connection so they cannot access it and to ensure my
files are safe.
All wireless is hackable, it's a question of if it is worth it to
bother or not.
PS. It did sort of strike me as odd that even though her brother
is a Network administrator/analyst, he has not been able to get
past the WEP password. Aren't these supposed to be relatively easy
to crack if you know what you're doing ?
On a non-Apple CPU, it is not hard, there is software now that can do
predictive attacks on the key that can often find the right key in a
matter of seconds (WEP keys anyway). At most it's a matter of
collecting a few hundred thousand packets via sniffing then working
with the collection. (Airport cards cannot be put into promiscuous
mode, which is needed to monitor packets that are not yours, so Macs
need a 3rd party card to do this- but it's much easier for most
regular computers). For all the hype, though, you are not likely to
be victimized by this.
If you wish to go whole-hog:
-Keep your WEP on (or WPA if you have it in the router AND all your
computers support it).
-Turn on MAC address filtering, and allow access to only your
computer. The MAC address is a long ID string, specific to a given
ethernet card.
and just keep an eye on your router logs. If they hack in (not
likely, media people talk about it a lot but it's not common), you'll
see their CPU and MAC address in your router access (DHCP) table, and
you can totally block access to them via you router config. They'd
have to change their MAC address on their CPU to get in at that point
(which is possible but again, not common).
If someone were being bad, you would see them in your router table
that lists connecting MAC addresses (my routers have all always shown
that anyway, but I don't use Apple ones), and you can then blacklist
them.
In fact, you could open it up for a day/week (long enough to let them
find it and rejoice), note their computers MAC ID, and then blacklist
them :)
Personally, I do not bother with WEP, but I keep MAC address
filtering on. I figure if someone wants in, WEP will not stop them,
so there's not a point to bothering with it. They'd have to clone
my MAC address to get in, which is a pain and they'd have poor
connectivity as packets would get lost (I think). I'd still see them
in my logs as I'd notice connections when I wasn't online via
wireless, and I could deny them access and change my own ID to let me
stay in (repeat as needed).
But of course, there isn't anyone doing any of this, at least on my LAN.
HTH.
Brian
--
G-Books is sponsored by <http://lowendmac.com/> and...
Small Dog Electronics http://www.smalldog.com | Refurbished Drives |
-- Check our web site for refurbished PowerBooks | & CDRWs on Sale! |
Support Low End Mac <http://lowendmac.com/lists/support.html>
G-Books list info: <http://lowendmac.com/lists/g-books.html>
--> AOL users, remove "mailto:";
Send list messages to: <mailto:G-Books@mail.maclaunch.com>
To unsubscribe, email: <mailto:[EMAIL PROTECTED]>
For digest mode, email: <mailto:[EMAIL PROTECTED]>
Subscription questions: <mailto:[EMAIL PROTECTED]>
Archive: <http://www.mail-archive.com/g-books%40mail.maclaunch.com/>
---------------------------------------------------------------
iPod Accessories for Less
at 1-800-iPOD.COM
Fast Delivery, Low Price, Good Deal
www.1800ipod.com
---------------------------------------------------------------
