Comments on: Secure by default

by: arikb

Sat, 29 Jul 2006 09:13:21 +0000

Now that’s interesting. WPA-encrypted networks that can be broken into within 15 minutes of sniffing - that’s news to me. You’re not talking about WEP, right? Can you please supply more details?

by: dera (binary loc)

Fri, 28 Jul 2006 21:14:35 +0000

and arik, I can break into a WPA network with MAC filtering in less than 15 minutes. More than enough time to not look suspicous. The guy I’m with jumps out of the car, walks into a nearby building or the place we a targeting, looks around, acts intrested in an item/service, and when he gets back the router’s firmware has been upgraded to our version, which records every 1 and 0 that passes through it and sends it off to us. and if someone asks a question in the process, why I am sitting there with a laptop on in their parking lot, I am playing a nice game of chess against the computer (that is in the middle of a good game, saved from a few nights before) on a seperate desktop so they don’t see a thing. If they ask, I tell them my friend’s fake name and if he calls in to check, sure enough, there is a guy with that name sitting there asking about the latest version of some overprices piece of software and negociating a price for extra addons and a few hundred more seats.

God I love pen. testing. The look on a smug CEO’s face when he finds out how easily you can screw him- priceless.

by: dera

Fri, 28 Jul 2006 21:07:57 +0000

noam: uber hackers? I have friends who are complete morons who can shove an auditor livecd into their media tray, pass a few commands and fuck a wireless network.

More like count on it that your neightbors are not intrested or have IQ’s lower than 70.

by: arikb

Wed, 28 Sep 2005 21:34:31 +0000

It’s better than nothing. You’re protected from the occational hot-spotter.

If you upgrade to WPA, that’s much more significant.

by: noam

Wed, 28 Sep 2005 21:30:41 +0000

From what I can tell even those who go through a few extra clicks to
secure their wireless network aren’t very safe. I just configured a wireless
network in my new apartment for myself and my roomate to use.

I’ve setup a 128-bit encryption key and MAC access list. Still, someone can hack
the key in a few days, fake his MAC address and get everything he wants…

I’m counting on the fact that my neighbors aren’t uber-hackers.

By the way, that Linksys is extremely sexy (Please don’t make any assumptions
regarding my sex life based on this comment).

by: Saar Drimer

Wed, 14 Sep 2005 11:38:16 +0000

This applies to many big outlets (like Costco)… simply, the return lines are very long on the weekends.

by: arikb

Wed, 14 Sep 2005 00:59:05 +0000

Thanks, Saar. Yes there was a ‘reduced price item’, for $2 less. Needless to say I didn’t take it. You can see how good a product is by the ratio of unopened/returned boxes on the shelf.

What’s wrong with returns on a weekend? I just had to ask…

by: Saar Drimer

Tue, 13 Sep 2005 22:02:55 +0000

Well, these things can be handled by the manufacturers… but why would they bother? They are not liable for any loss of anything. As long as “society” has “hackers” to blame in the mass media, all will remain the same.

As for Fry’s… you caught them on a good year. Up to about a year ago shopping there was not so pleasant. They improved greatly, especially on customer service and returns. First, don’t ever buy something with a “returned merchandise” sticker on it unless it is significantly cheaper and you are willing to come back to return it. Second, open anything expensive in front of the clerk to see that is it brand new, even if it shrink wrapped and “looks” new. I once bought a motherboard that looked new, but the inside was a mess. Third, never attempt a return on the weekends. Happy shopping at Fry’s it’s heaven for geeks like us; I’ll miss it.

by: SecuriTeam Blogs » Secure by default

Tue, 13 Sep 2005 05:09:32 +0000

[…] Originaly posted in my blog […]