[Dorset] Fwd: [Hampshire] Any of you guys after a Job in Portsmouth?

2017-02-07 Thread Tim 


This was posted on the Hants lug if anybody is interested.

Tim



 Forwarded Message 

Hi Guys,

It's been years since I last posted on here at all but I'm in a bit of a 
bind looking for a good support engineer for our team.


Key skills are of course Linux but also some networking and Microsoft 
server product knowledge would be nice...


Anyone interested please pop me an email with your CV to 
aa...@loadbalancer.org , the job is 
advertised on TotalJobs so for more info check the advert here : 
https://www.totaljobs.com/job/technical-support-engineer/web-recruit-ltd-job67660687?entryurl=%2fjobs%2fsupport%2fin-portsmouth%3fradius%3d10%2367660687


Aaron West
-- 
Please post to: hampsh...@mailman.lug.org.uk
Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL: http://www.hantslug.org.uk
 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

2017-02-07 Thread tda 

On 07/02/17 09:02, PeterMerchant via dorset wrote:

On 06/02/17 16:19, Terry Coles wrote:

Hi,

I have just installed a shiny new Netgear VSDL Router to replace the
never
updated Plusnet supplied one.

The main reasons that I bought it is that the Plusnet router has the
above
mentioned lack of security patches and the inability to filter on MAC
Addresses
or hide the SSID.


What's the point of a hIdden SSID when the moment any device starts
talking to that SSID, a listener can see it in the ether?



One reason to use it is where you have multiple SSID's (say mySSID which 
gives full access to an internal network and mSSID-Guest which just 
gives visitors access to the internet). Saves the confusion of a visitor 
trying to connect to mySSID with the mySSID-Guest password.


Cheers

Tim



--
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

2017-02-07 Thread PeterMerchant via dorset 

On 07/02/17 09:40, Terry Coles wrote:

On Monday, 6 February 2017 16:19:26 GMT Terry Coles wrote:

I have just installed a shiny new Netgear VSDL Router to replace the never
updated Plusnet supplied one.

The main reasons that I bought it is that the Plusnet router has the above
mentioned lack of security patches and the inability to filter on MAC
Addresses or hide the SSID.

Thanks for all the comments on SSID hiding.  Overnight, my son had problems
with a couple of Windows machines that he uses and during his researches he
also discovered the issues with spoofing etc mentioned by Ralph et al.

As a result, I've now turned SSID hiding off.

I will be asking Netgear for their opinion, given the debate.


Just for interest, does Wifi Analyzer on Android see the hidden SSID?


P.


--
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

2017-02-07 Thread Terry Coles 
On Monday, 6 February 2017 16:19:26 GMT Terry Coles wrote:
> I have just installed a shiny new Netgear VSDL Router to replace the never
> updated Plusnet supplied one.
> 
> The main reasons that I bought it is that the Plusnet router has the above
> mentioned lack of security patches and the inability to filter on MAC
> Addresses or hide the SSID.

Thanks for all the comments on SSID hiding.  Overnight, my son had problems 
with a couple of Windows machines that he uses and during his researches he 
also discovered the issues with spoofing etc mentioned by Ralph et al.

As a result, I've now turned SSID hiding off.

I will be asking Netgear for their opinion, given the debate.

-- 



Terry Coles

-- 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

[Dorset] Bournemouth Pub Meeting Tonight, Tuesday 2017-02-07.

2017-02-07 Thread Ralph Corderoy 
Hi,

It's the pub meet tonight at The Broadway, 8pm-ish.  For those that
haven't been before look out for a flip of laptops or Terry's stuffed
penguin.

http://dorset.lug.org.uk/wiki/doku.php?id=meetings%3Apub
http://dorset.lug.org.uk/wiki/doku.php?id=members#terry_coles

We are often to the far left of the bar in the corner, near a mains
socket, though that can get a blast of chilly stale smoke from the
gaspers out in the cold when the door opens.  Or we might be in the
pub's "snug", a small room off the right end of the bar.  We like
corners.

See you there.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

2017-02-07 Thread PeterMerchant via dorset 

On 06/02/17 16:19, Terry Coles wrote:

Hi,

I have just installed a shiny new Netgear VSDL Router to replace the never
updated Plusnet supplied one.

The main reasons that I bought it is that the Plusnet router has the above
mentioned lack of security patches and the inability to filter on MAC Addresses
or hide the SSID.

What's the point of a hIdden SSID when the moment any device starts 
talking to that SSID, a listener can see it in the ether?


Here's a debunking of the Hidden SSID feature: 
http://www.howtogeek.com/howto/28653/debunking-myths-is-hiding-your-wireless-ssid-really-more-secure/


FWIW long ago my home SSID was the same as my work one so that I didn't 
have to change networks when I brought my laptop home. It wasn't 
automatic to change networks back then.   Later it made for some fun 
when both networks had the same SSID but different WPA keys.


Cheers,

Peter


--
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

2017-02-07 Thread Ralph Corderoy 
Hi Terry,

> Patrick wrote:
> > Determining and spoofing the MAC address and SSID is totally
> > feasible.
>
> But probably not by an up and coming geek.

It's pretty easy due to programs like
https://en.wikipedia.org/wiki/Kismet_(software) and
https://en.wikipedia.org/wiki/Aircrack-ng
I'd expect the Minecraft-playing kid next door could graduate to playing
around having Googled some of the many tutorials.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

2017-02-07 Thread Ralph Corderoy 
Hi Patrick,

> That is interesting to consider. I wonder how the psychology works
> out. Are hidden networks "off the radar", or do they look like juicier
> targets, because somebody is trying to hide them?

I could imagine the latter.  When faced with N networks to attack and
limited resources, it probably won't be a random choice.  And if someone
has set their own SSID, and thinks `tvdetectorvan' is amusing, then they
may be doing a lot of the set up themselves thus making mistakes.

> Are attackers even looking for SSIDs that stand out?

I would, if the alternative is mindnumbing homogenous lists.  A
neighbour here has house number plus first word of street name.  Or
someone does that wants to pretend to be that neighbour.  :-)

> Some attackers might actually be attracted to default-sounding SSIDs,
> in the hope of finding an easy target with a weak password.

By having some kit that's not Sky's, for example, have a `SKY*' SSID,
then perhaps that's a slight impediment to their assumptions.

> I think WPA2-PSK uses mutual authentication of the client and access
> point.

Yes, a Pairwise Master Key is achieved through the Four-Way Handshake
that shows both parties knew the secret.  WPA2-EAP also achieves this.

One other point;  there's no Forward Secrecy with WPA2 so an attacker
can record encrypted data in the hope of one day gaining access and
decrypting their backlog.  That might be because you give it to them as
a visitor knowing you're not doing anything yourself with wifi at the
time and thinking you'll change it as soon as they've gone.

Cheers, Ralph.

-- 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR

Re: [Dorset] SSID Hiding

2017-02-07 Thread Ralph Corderoy 
Hi Terry,

> > https://en.wikipedia.org/wiki/Network_cloaking
>
> I'm assuming that you're refering to the following extract:
> 
> 'Worse still, because a station must probe for a hidden SSID, a fake
> access point can offer a connection.'
> 
> Correct me if I'm wrong, but wouldn't that fake AP have to spoof the
> MAC Address of my Router or know what the SSID was?

If the SSID is hidden then the WAP isn't sending out occasional
broadcast "Cooeee" beacons containing the SSID allowing all clients to
passively listen to find out what are within earshot.  Instead, your
client, knowing the desired SSID, will send out a "probe request",
described on that page:

Probe request frames are sent unencrypted by the client computer
when trying to connect to a network.  This unprotected frame of
information, which can easily be intercepted and read by someone
willing, will contain the SSID.

AIUI, it will send it on all the configured channels and for all hidden
SSIDs it knows about which are set to "auto-connect".  So a device that
gets about a bit might be sending quite a few packets.  Perhaps you can
tell it the WAP MAC address so the probe-request packet has that as the
destination address, but the packet is in the ether and audible to all
so a promiscuous interface, the technical term for one configured to
take all packets, not just those matching its own MAC address, will see
the probe request, its SSID, and, if it wasn't a broadcast packet, the
expected WAP's MAC address.  It can use those in its forged reply.

(Does Android allow you to set the expected WAP's MAC address for a
hidden SSID?)

You could install Wireshark and see if it will show you all the packets
within wifi earshot.

> I'm using MAC Adress filtering too (as well as WPA2 PSK encryption).

I do that too, though mainly so there's a central place where I've noted
what's what.

> Anyway they all connect to hidden networks; even my Raspberry Pi!

-- 
Next meeting:  Bournemouth, Tuesday, 2017-02-07 20:00
Meets, Mailing list, IRC, LinkedIn, ...  http://dorset.lug.org.uk/
New thread:  mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING
Reporting bugs well:  http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR