REDUCING Range

[Guest]

Archived from groups: alt.internet.wireless (More info?)

Pat Henry Wrote:
> I still do not understand the rational of why reducing the power output
> of the router, disabling SSID, or enabling MAC filtering will secure a
> WiFi network.
>
Who said it would. I will use every pratical tool available to make the
network as secure as possible.

I will attempt to explain the reason to you for reducing the range of
Wi-Fi router:
If the area I need to cover is only say 50 meters, why have a system
that can reach a couple of hundred meters? It won't stop a determined
hacker but 'passers by' will have less chance of detecting the network
which can only help make it more secure.

Take it to extremes. Person 'A' Has a wireless network that has a range
of 10Km and person 'B' has a network that has a range of 10m. Who will
be at greater risk from a hacker?


--
Entropy1024
brought to you by http://www.wifi-forum.com/

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

A good example and it has an easy answer. If person A is using WPA with
a strong passphrase, their data are secure. If person B is using WPA
with a strong passphrase, their data are also secure.

Why do you believe when data are encrypted, that the range the data are
transmitted has anything to do with data security?


> Take it to extremes. Person 'A' Has a wireless network that has a range
> of 10Km and person 'B' has a network that has a range of 10m. Who will
> be at greater risk from a hacker?
>
>

 

[Roger]

Archived from groups: alt.internet.wireless (More info?)

Pat Henry wrote:
>
> A good example and it has an easy answer. If person A is using WPA with
> a strong passphrase, their data are secure. If person B is using WPA
> with a strong passphrase, their data are also secure.
>
> Why do you believe when data are encrypted, that the range the data are
> transmitted has anything to do with data security?

Because he seems to be able to use common sense. This is not about a
determined hacker, but a casual passerby, as he said. If his range
reaches out into a public parking lot or the local teen center, I'd say
he would be less likely to get hacked if he reduces the range to the
size of his own yard.

 

[Roger]

Archived from groups: alt.internet.wireless (More info?)

Pat Henry wrote:

>
> A good example and it has an easy answer. If person A is using WPA with
> a strong passphrase, their data are secure. If person B is using WPA
> with a strong passphrase, their data are also secure.
>
> Why do you believe when data are encrypted, that the range the data are
> transmitted has anything to do with data security?

Just in case your argument is that with WPA his network is secure no
matter if he reaches around the world or only 5 feet:
http://wifinetnews.com/archives/004428.html

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

So, you are saying that common sense should tell me that a WPA data
packet is safe if it attenuates into oblivion at my front lawn, but it
is unsafe if it floats into Ye Olde Cyber Cafe & Hack Shoppe down the block.

Please, using common or any other sense, tell my why this is so?


Rôgêr wrote:
> Pat Henry wrote:
>
>>
>> A good example and it has an easy answer. If person A is using WPA
>> with a strong passphrase, their data are secure. If person B is using
>> WPA with a strong passphrase, their data are also secure.
>>
>> Why do you believe when data are encrypted, that the range the data
>> are transmitted has anything to do with data security?
>
>
> Because he seems to be able to use common sense. This is not about a
> determined hacker, but a casual passerby, as he said. If his range
> reaches out into a public parking lot or the local teen center, I'd say
> he would be less likely to get hacked if he reduces the range to the
> size of his own yard.

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

Roger, you are right. Any security system is only as strong as it's
weakest link. In my past post I mentioned this ... "WPA is secure as
long as you use a long pass phrase with high entropy."

If you are using WPA the correct way, i.e. a passphrase with 64 bits or
more of entropy, then 5ft or 500 mi makes no difference.



Rôgêr wrote:
> Pat Henry wrote:
>
>>
>> A good example and it has an easy answer. If person A is using WPA
>> with a strong passphrase, their data are secure. If person B is using
>> WPA with a strong passphrase, their data are also secure.
>>
>> Why do you believe when data are encrypted, that the range the data
>> are transmitted has anything to do with data security?
>
>
> Just in case your argument is that with WPA his network is secure no
> matter if he reaches around the world or only 5 feet:
> http://wifinetnews.com/archives/004428.html

 

[Roger]

Archived from groups: alt.internet.wireless (More info?)

Pat Henry wrote:

> So, you are saying that common sense should tell me that a WPA data
> packet is safe if it attenuates into oblivion at my front lawn, but it
> is unsafe if it floats into Ye Olde Cyber Cafe & Hack Shoppe down the
> block.
>
> Please, using common or any other sense, tell my why this is so?

You seem to pretty clue resistant, so I'll talk slowly. To reduce
exposure to hostile activities, it is prudent to reduce the amount of
area covered. You honestly, honestly think if you covered the entire
area of southern California that the risk of intrusion would be equal if
the coverage area were only a back yard?

I'm not arguing against encryption nor any other security measures. I'm
only stating that yes indeed, if you have only a slight chance of an
advanced wireless user finding your signal that you are safer than if
your signal is out there for anyone and everyone to take a whack at it.

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

You are right. I had no clue that the further an encrypted signal
travelers from it's source, the more insecure it becomes.

Well, here is a clue for you. The number of people who receive an
encrypted packed is irrelevant. The number of processors that are
working on cracking the packet is very relevant.





Rôgêr wrote:
> Pat Henry wrote:
>
>> So, you are saying that common sense should tell me that a WPA data
>> packet is safe if it attenuates into oblivion at my front lawn, but it
>> is unsafe if it floats into Ye Olde Cyber Cafe & Hack Shoppe down the
>> block.
>>
>> Please, using common or any other sense, tell my why this is so?
>
>
> You seem to pretty clue resistant, so I'll talk slowly. To reduce
> exposure to hostile activities, it is prudent to reduce the amount of
> area covered. You honestly, honestly think if you covered the entire
> area of southern California that the risk of intrusion would be equal if
> the coverage area were only a back yard?
>
> I'm not arguing against encryption nor any other security measures. I'm
> only stating that yes indeed, if you have only a slight chance of an
> advanced wireless user finding your signal that you are safer than if
> your signal is out there for anyone and everyone to take a whack at it.

 

[Roger]

Archived from groups: alt.internet.wireless (More info?)

Pat Henry wrote:
> You are right. I had no clue that the further an encrypted signal
> travelers from it's source, the more insecure it becomes.
>
> Well, here is a clue for you. The number of people who receive an
> encrypted packed is irrelevant. The number of processors that are
> working on cracking the packet is very relevant.

Okay, we disagree and I don't suppose it will hurt either of us very
much to leave it that way. Your sarcasm is noted and I appreciate
someone with a sense of humor. No, a packet traveling further doesn't
become intrinsically less secure. It's the exposure to more people who
may be trying to hack the signal that I've been posting about. In a way,
you seem to agree to some extent with the statement that the number of
processors working on it is relevant. To me, bigger area = more possible
processors working on it.

 

[Guest]

Archived from groups: alt.internet.wireless (More info?)

On Wed, 10 Nov 2004 01:47:52 -0500, Rôgêr <abuse@your.isp.com> wrote:

>No, a packet traveling further doesn't
>become intrinsically less secure. It's the exposure to more people who
>may be trying to hack the signal that I've been posting about. In a way,
>you seem to agree to some extent with the statement that the number of
>processors working on it is relevant. To me, bigger area = more possible
>processors working on it.

Well, there is a bit of truth to the premis that more signal leads to
less security. However, it has to do with the power from the client
radios, not the access point. Sniffing and logging the access point
traffic can be used to extract the WEP/WPA key. However, once that's
accomplished, the interesting traffic comes from the client radios,
not the access point. If I wanted to extract a login/password pair,
it would need to come from the client radio, not the access point.
Same with SSL key exchanges, and authentication exchanges. If I
wanted to spoof the MAC address, I could get the client MAC address
from the access point transmissions, but the TCP sequence numbers have
to come from the client radio in order to do session hijacking.
Therefore, I suggest that the power output of the client radios is
also an issue and that effective wireless hacking requires hearing
both the access point and the client radios.


--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558