Archived from groups: (
More info?)
On 12 Oct 2004 23:13:08 -0700, delphiprog@hotmail.com (Doug Beattie)
wrote:
>Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote in message news:<d09om0d7ij43404hlc0eticfeoptu18vqh@4ax.com>...
>> On 12 Oct 2004 09:41:24 -0700, delphiprog@hotmail.com (Doug Beattie)
>> wrote:
>Bob & Jeff thanks for your input. I have put a screen shot of the
>main page of my router here:
http://www.thegreatpuma.com/HomePage.JPG
>and SSID page:
http://www.thegreatpuma.com/ssid.JPG to maybe help a
>little bit.
Everything looks correct. Encryption enabled and set. I guess(tm)
auto means Open Authentication which is fine. Therefore, you did your
part correctly.
Drivel: I suggest you get off Channel 10 and move to 1, 6, or 11.
These are non-overlapping channels. Channel 10 will overlap slightly
onto Channel 6 users. It usually not a problem unless your close, but
if there's no overpowering reason to use Channel 10, I would make the
change.
>There was definitely a connection, we were both surfing the net
>looking for a solution to an issue we were dealing with.
Thanks for clearing that up. I couldn't tell if you simply had
associated with the access point, or if you had a functional
connection.
>Right, I did, and that's what he told me "your connection isn't
>secure".
Is your friend a philosopher? He talks like one. If he was that good
at hacking your connection, he would also have made specific
recommendations or helped you with the setup. At least I would have
done that even if I were in hurry. Something is fishy here.
>OK, I guess I'm confused. My laptop needs to know the SSID
>"THEGREATPUMA" even though the SSID is not broadcast - I have to enter
>that SSID before I can even associate to the router.
Correct. If you don't broadcast the SSID, you *usually* have to
manually set it in your client software.
>If said SSID is not broadcast
>(and not known by the person attempting to connect) I thought it would
>then have to either be guessed or sniffed (if at all possible). Am I
>wrong on this? Can you connect/associate to any router with SSID
>broadcast disabled without that router's SSID? I think I'm missing
>your point here.
Your partly correct. Normally, you need the SSID to connect.
However, many wireless client application will accept the word "ANY"
in the SSID field and literally connect with anything it can hear. I
do this because I'm lazy (and it's fun). I'm not sure if XP SP2 still
allows SSID=ANY trick. (Can someone check?)
Anyway, point was that you didn't do any checking of the SSID or run
any diagnostics (netstat, ipconfig, tracert) to see what you've
connected to. You assumed[1] that you had connected to your access
point. If your friend had it set to SSID=ANY, it could have been the
neighbors.
>Well, there's no post-it note, I'm really not that stupid ;-)
Back in the dot.com era of the internet, I used to do security audits
for a few large corporations. Basically, I was the sanity check their
IT people. The first thing I looked for were the inevitable post it
notes with passwords inscribed. I think my hit rate was about 2% of
users used this method of remembering cryptic passwords. The worst
offenders were the sysadmins and vendor representatives. Let's just
say it's a rather common security violation.
>In fact
>I'm the only one that knows the generator key.
Wrong. Many wireless clients save the SSID and WEP keys in plain text
in either config files or in the registry. I can fish it out of your
laptop fairly easily.
http://wlannews.otaku42.de/newsblog/index.php?p=30&more=1&c=1
>Both my laptop and
>desktop cannot see the connection without the correct ssid. They can
>see it when I input the SSID, but cannot connect due to the
>encryption.
Good. Then your encryption is working properly.
>I will talk to him in a couple of days so it may be moot
>at that point. Anyway, please do take a look at the screenshot I
>posted above. When I get info from my buddy I'll post back with the
>results.
I predict that he won't be able to tell you if he connected to your
access point or someone elses. You can sorta try the same thing with
your laptop. Turn OFF your access point, set the SSID=ANY on your
laptop, and see if you can connect to something. My guess(tm) is that
you can. If so, try to identify the access point owner that their
system is insecure.
[1] Assumption, the mother of all screwups.
--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558