Re: [LUG] hotspot mania & 'evil twin ' scam

[Banoba Ezra]

How secure you want your link/connection/network to be depends on how you use the internet. It might not matter to you if someone picked up some of the data of an online game you are playing or streaming movie you are watching, but that's up to you and not the ISP. The ISP strives to provide a mechanism, not policy. The final security concerns for� individual user PC's, connected or not connected, are pushed as far toward the user as possible with the belief that users know better what their own needs are; within limits ofcourse. In any case, in Wireless or Wired, much as the mitigation techniques may differ, the security concerns are more or less the same. ezra. On Tue, 14 Jun 2005 17:35:41 +0300, Ronny wrote > O yes your are right but your wireless card centrino enabled chip won't know that it's dealing with the evil device/rogue Access point .Btw wireless is a very tricky thing.You secure your Box as a linux sysadmin but ignorant about the hacks in the air space,that need a wireless expert.May be I asked the wrong question to the right list ;-) .Turn off all those services and then your session will be hijacked in seconds . > > "Here's how session hijacking works. The hacker waits for someone to finish successfully the authentication process. Then you as the attacker send a disassociate message, forging it to make it look like it came from the AP [access point]. The client [user] thinks they have been kicked off, but the AP thinks the client is still out there. As long as WEP is not involved you can start using that connection up until the next time out, usually about 60 minutes.Remember you had a secure connection to your cooperate servers and your Linux box had all useless services uninstalled ! > Looks like fiction but works really bad!!!! :-\ > > > Conclusion > > "If even LAN communication has its own security flaws, do we stop "networking"? Of course not. We need to be aware of the benefits of mobile clients communicating with one other and accessing enterprise data. We also must be aware of how data and communication could be compromised -- then we'll know how to lower the risks. > Just as the benefits of protocols like 802.1x make us want to use them, any weaknesses in those protocols should only provide an invitation to companies, startups, and developers to come up with better, more secure solutions. Clients, companies, the government, and individuals will certainly make a market for such solutions, especially with the exponential growth of mobile devices." > Is Uganda ready for this is the next question? > > EOF > Ronny > > Noah Sematimba wrote: > My post assumed that in the first place your machine is suitably secured against attacks which it should be in any case if you're running some unix variant. It is a simple matter of turning off all unneeded services. Noah. On Tuesday 14 June 2005 16:49, Ronny wrote: Well you have covered just part of the security ,your connection to the office .But forgotten that you are using a rogue device to access your office.By the way the bad guy might be interested with what you have on your machine than what you are accessing!Well there will be a VPN to the office but not to the neighbours rite ;-) .Am not good at VPN's but that what I think correct me if wrong Ronny Noah Sematimba wrote: Well no one in his right mind should be relying on his ISP to provide him with security. Setup some sort of VPN to your office or tunnel over ssh or whatever means. All UTL is doing is providing you with the road, not also fitting the security features in whetever car you're going to use on their road. Noah. On Tuesday 14 June 2005 15:51, Robert Lukwago Mukasa wrote: With secure I suppose they mean what encryption standards are being used to protect users of the hotspots from hackers/crackers/attacks. Well how will we know unless we try them out? rob@ On 6/14/05, Mark Tinka <[EMAIL PROTECTED]> wrote: On Tuesday 14 June 2005 14:35, Ronny wrote: First I apologies for editing your subject am good at that. :-) Talk of hotspots mushrooming up ihere in UG.How secure are they. How do you mean, secure? In cases like these, security could be a point of view. Mark. Should we rush to get plugged into the matrix ;-) .Otherwise am a wireless advocate.Congs UTL and did I hear Infocom ? Ronny Alright good topic Kiggundu Mukasa wrote: Talk about starting with a bang! Congrats to UTL Need to go to each one and see what the performance is like. Kiggs **************** ***************************** Kiggundu Mukasa # Computer Network Consultancy### KYM-NET LTD. # Intranets & Internet Solutions# Plot 80 Kanjokya Street P.O. Box 24284 Kampala, Uganda Tel: +256 77 972255 +256 71 221141 Fax: +256 31 262122 **************************************************** ************* ----------------------------------------------------- ------------------- _______________________________________________ LUG mailing list LUG@linux.or.ug http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ _______________________________________________ LUG mailing list LUG@linux.or.ug http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ > > -- *************************************************************************** / ''We can't become what we need to be by remaining what we are''\ \ ,, ,,/ *************************************************************************** -- To be sure of hitting the target, shoot first and whatever you hit, call it the target.

_______________________________________________
LUG mailing list
LUG@linux.or.ug
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/