WiFi security issues? Newbie ? for W7 - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
  •         ---> 
  •         |           `--> Re: What's a hardware firewall? was W iFi security issues? Newbie
  •         ---> 
  •         |               `--> Re: What's a hardware firewall? was W iFi security issues? Newbie

Re: WiFi security issues? Newbie ? for W7

On Sun, 19 Dec 2010 02:38:52 -0800 (PST), RayLopez99

Quoted text here. Click to load it

I got a laptop from Ebay about 3 years ago.  I should have started
shopping earlier, and had to buy what was available, and it arrived
only 3 days before i was to leave on a long trip to Asia.

It came with 3 methods of internet, a port that accepted a phone cord,
a PC port (PCMCIA) that accepted the included Network Jack card and
the included wireless card.  One of them required installing software,
so I was doing that.  I didn't have DSL yet, so I was going to have to
use a flashdrive to transport files from my desk computer to the
laptop.

Half way through doing that, I noticed that my laptop was dl'ing my
email and my newsgroups!   It turned out I was using one of my
neighbors' broadband/wireless.  It's a good thing, too, because it
saved me a lot of time I needed for packing, etc.

When I got back two months later, there was a password on her account.

AIUI, I didn't cost her anything. I didn't even slow her down.

I've run my network without encryption or a password for some of the
time since, and so far, I'm the only MM2005 listed in the phone book.
So I guess no one has stolen my identity yet.

Quoted text here. Click to load it

I thought files, directories, and printers had to be checked as Shared
before even you can read those files or use the printer on your own
network, and you have to have the password too.     So as long as I
don't put any files in my one Shared directory, I thought I was safe.
Yes?

Is that correct?

Quoted text here. Click to load it


Re: WiFi security issues? Newbie ? for W7

On 20/12/10 15:46, mm wrote:
Quoted text here. Click to load it

I'm assuming you are using Windows.

/Everything/ is shared by default - you have to specifically disable the
file sharing service to stop it.  In particular, there are a number of
"default shares" that are (AFAIK) always enabled in windows unless the
whole file sharing service is disabled - you don't need to explicitly
share them.  For every drive, there is a share named "c$", "d$", etc.,
that is available to any user with Administrator privileges.  These
default shares are hidden, in the sense that they don't show up in
normal network browsing or "net view \computer", but you can connect to
them easily enough.

You may /think/ that you haven't shared your files, but if I can see
your computer on a network (and wireless networks are easily cracked -
WPA in seconds, WPA2 takes several minutes) I can type "net use x:
\computer\c$ /user:Administrator" and try to guess your password.
Using Linux rather than Windows makes such an attack easier to automate,
but it can be done with Windows too.

Obviously enabling the windows firewall will make such a simple attack
very much harder - but certainly not impossible.

Re: WiFi security issues? Newbie ? for W7


Quoted text here. Click to load it

I think you meant wep was cracked in seconds. Please provide reference
urls discussing WPA cracked in seconds. I'd like to learn more. Thanks.

Those hidden shares can be disabled. They aren't available on these
machines here; for example.

Quoted text here. Click to load it

A hardware based firewall which filters netbios requests helps nicely
too. :)




--
Hackers are generally only very weakly motivated by conventional rewards
such as social approval or money. They tend to be attracted by
challenges and excited by interesting toys, and to judge the interest of
work or other activities in terms of the challenges offered and the toys
they get to play with.

Re: WiFi security issues? Newbie ? for W7

On 21/12/2010 06:19, Dustin wrote:
Quoted text here. Click to load it

Note - I haven't tried this myself.

You may be right that it is just WEP that can be cracked in seconds.
WPA and WPA2 cracking seems to be done using dictionary attacks on the
pre-shared keys - thus it can be fast or slow depending on the quality
of the password chosen.  The WPA/WPA2 cracking is done by capturing a
few packets (not many are needed, apparently) and running the cracking
off-line.  With big rainbow tables and a fast cracker computer, this
often won't take long.

If you are using "enterprise" WPA rather than pre-shared key WPA, it's a
different matter - cracking is pretty much infeasible.

Quoted text here. Click to load it

Yes, but how many people know how to do that - even if they know the
hidden shares exist in the first place?

Quoted text here. Click to load it

Absolutely true - hardware firewalls are far more effective than windows
softwrae firewalls for blocking unwanted external traffic.  Software
firewalls on windows are good for limiting outgoing traffic from
specific programs, but not good enough to protect from external attacks.

Re: WiFi security issues? Newbie ? for W7

David Brown wrote:
Quoted text here. Click to load it

they are certainly good enough to repel all but the most determined hackers.

But who expects the NSA to come sniffing round in a black van stuffed
with supercomputers and packet sniffers?

Not me, Osama ;-)


Re: WiFi security issues? Newbie ? for W7

On 12/21/2010 9:15 AM, The Natural Philosopher wrote:
Quoted text here. Click to load it

Are you trying to say that everyone is not interested in everything I do?
I'm going to go and cry now.......

Re: WiFi security issues? Newbie ? for W7

TVeblen wrote:
Quoted text here. Click to load it


No. Merely that the ones who are, are not likely to be clever enough to
find out.
;=-)

Re: WiFi security issues? Newbie ? for W7

typed in microsoft.public.windows.vista.general  the following:
Quoted text here. Click to load it

    You do know that paranoia is the _delusion_ others are out to get
you, do you not?  B-)

    Oh, by the way, I've seen your file - nothing to worry about.


tschus
pyotr

p.s. the reality is that everybody _is_ out to get you.  They're just
not working together, that's all.
--  
pyotr filipivich
What is normal?
"Two sigmas either side of Mu.
 You bring the cow."   drieux.

Re: WiFi security issues? Newbie ? for W7

David Brown wrote:
Quoted text here. Click to load it

Not in my experience. Getting file sharing to work on a windows LAN
requires that you do a lot of configuration, starting with turning
netbios on, then exporting various things as shares, and finishing with
removing most of the firewalling that is the default way of working.


  In particular, there are a number of
Quoted text here. Click to load it

I think it takes a bit longer than that..

  I can type "net use x:
Quoted text here. Click to load it

So that's two passwords to fight past, and hope the man has indeed got
windows netbios on, and the firewall off..which if he is a domestic
single user he will not have enabled either of.


Quoted text here. Click to load it

Windows is utter crap, but it's not THAT crappy.

Re: WiFi security issues? Newbie ? for W7

On 21/12/2010 15:12, The Natural Philosopher wrote:
Quoted text here. Click to load it

I happily agree that you have to turn off the firewall (or at least add
an exception) before shares (hidden administrator shares or otherwise)
are accessible.  But assuming you've done that, I've never had to do
anything else to get sharing working.

One thing that may make a difference is "home" and "professional"
versions of windows - I have only ever used "professional" versions.  So
if "home" versions take more effort and configurations, then I'll have
to take your word for it.

I also have fairly limited experience of windows after XP.  I've managed
to avoid Vista almost entirely, and my impression of Win 7 is that it
works, but looks a mess and does things differently for no apparent
reason.  So if things are different in Win 7, then again I don't know.

Quoted text here. Click to load it

For WEP, it doesn't take long.  For WPA and WPA, it depends a lot on the
pre-shared key and whether or not you use pre-calculated tables.

Quoted text here. Click to load it

I'm just warning about possible weak points in security - nothing more.
  Many people have poor passwords (or no passwords at all).  Many people
have their firewalls disabled without realising the issues this has.
And I think most people have the administrative shares enabled, because
they never knew such a thing existed.  This all adds up to many people
being susceptible to hacks through these shares.

For people who understand about security, it can be hard to appreciate
how insecure many windows systems are.  But the millions of zombie
machines around the world that testify to poor security.  (I know that
attacks via wireless networks are not the main cause of these zombies -
the point is that people regularly disable or abuse the security
features they have.)

Quoted text here. Click to load it

Windows software firewall is far from impenetrable.  There are many
common attack strategies.  It comes with holes - not every port is
blocked by default.  There are flaws in the implementation of the
windows networking system - these are regularly fixed, and new ones are
found.  People use third-party software firewalls - in my opinion, these
often lead to more vulnerabilities than windows own firewall, as they
add layers of complication that introduce new bugs and then new security
flaws.  But one of the biggest flaws is that people get so many pop-ups
(especially with third-party firewalls) or have so many problems getting
things like bittorrent to work that they disable the whole firewall.

I prefer to be paranoid - I use a hardware firewall between windows
machines and the internet.  But if that's not possible, then the
standard windows firewall, when properly configured (i.e., no
inappropriate exceptions), is good enough for short-term usage.  It is
not perfect, but it is seldom the weakest link.

Re: WiFi security issues? Newbie ? for W7

David Brown wrote:

Quoted text here. Click to load it

I agree,. I prefer to be paranoid. No windows machines at all AND a
hardware router.

But my remarks were from an XP installation a few years back inside a
firewalled network. I could not get the machines to talk nice to an
appliance that was supposed to be a visible share on the network.

Firewall. It took a fair bit to even get the machines to talk to each
OTHER. maybe they had 'home' on them.

Re: WiFi security issues? Newbie ? for W7

On 21/12/10 18:44, The Natural Philosopher wrote:
Quoted text here. Click to load it

My home machines (including laptops) are all Linux these days, with XP
in a VirtualBox as necessary.  But I can't escape from Windows at work -
there the machines are XP, with Linux in VirtualBox's as necessary.
Sometimes one system is better, sometimes another - depending on the job
on hand.

Quoted text here. Click to load it

It may be the "home" versions that were the problem.  MS has always put
some limitations on the file sharing capabilities of the home versions -
they didn't want anyone to think they could buy a "home" version and use
it as a server without paying the full "server" version prices.  It may
be that they accidentally improved their security that way!

Re: WiFi security issues? Newbie ? for W7

wrote:
Quoted text here. Click to load it


FUD from a Linux user noted.

In fact, you can prevent (at the cost of some slower download times)
all such attacks in public places by simply using a VPN.  That simple.

RL

VPNs (virtual private networks) for serious business

You always face serious risk when using public Wifi hotspots, public
broadband (Ethernet) connections, such as those at hotels or truck
stops. It is even more risky to use public computers at libraries,
Internet cafes, or hotel business centers.

And don't count on SSL (secure connections with https, and the
padlock) to keep your information private. They may have fixed it by
now, but as an example, it has been possible to "sidejack" the highly-
regarded Gmail application by simply listening to traffic at a
hotspot, using nothing more than a laptop and a little free software.

VPNs offer a good way for serious road warriors to avoid these
problems. VPNs use encryption to "tunnel" right through insecure
connections. You can rent VPNs by the month or by the year at Witopia
or HotSpotVPN. Hotspot Shield is a free (ad-supported) VPN service
recommended by Sunbelt Software (security software) and others. [more
solutions] [compare] [update]

Wireless hotspot service providers -- e.g., TMobile Hotspot, Boingo
Wireless, iPass -- provide a degree of enhanced security. But they
still recommend that you use a VPN [more].

Re: WiFi security issues? Newbie ? for W7

On Tue, 21 Dec 2010 17:07:12 -0800 (PST), RayLopez99
Quoted text here. Click to load it


always put
versions -
Quoted text here. Click to load it
and use
 It may
Quoted text here. Click to load it



Yeah, that is a little deep. He doesn't seem to know the difference
between a file server and a server o/s, which you don't need a server
o/s for a machine to be a file server. A professional or business o/s
workstation version will do nicely.

--
posted with a Droid

Re: WiFi security issues? Newbie ? for W7


Quoted text here. Click to load it

You can run a server, or a lot of servers, on an ordinary OS.
They are just applications like the file server software.
A "server OS" is usually just a stripped down ordinary OS.

Sid


Re: WiFi security issues? Newbie ? for W7

On 12/21/2010 10:21 PM, Sidney Lambe wrote:
Quoted text here. Click to load it

I don't know what an ordinary O/S is, and I have never heard of it.

A server OS allows more concurrent connections remotely, than some
cut-down O/S version does. As an example, the max number of concurrent
connections a Windows workstation O/S version can allow is 10.

So if you have 10 user connected to the workstation machine
concurrently, the 11th one is out and cannot get a connection until 1 of
the current 10 are closed. A server O/S is going to allow concurrent
connections based on the number of user licenses it supports, which is
more than the default of 10. This also applies if a Web server was
hosted by a server O/S as opposed to a workstation O/S hosting the Web
server.

There are other things that make a server O/S different, like clustered
servers, Web server farm, load balancing on servers etc, etc. However
the core components of a workstation and a server O/S are the same, with
the server O/S being able to do other things that a workstation O/S
cannot do.



Re: WiFi security issues? Newbie ? for W7

On comp.os.linux.setup, Steel <""> wrote:

Quoted text here. Click to load it

That's absurd.

My newsreader is a retard-free-zone.

<plonk>

Sid



Re: WiFi security issues? Newbie ? for W7

On 12/21/2010 10:50 PM, Sidney Lambe wrote:
Quoted text here. Click to load it

LOL the person is a typical dumb home user. However, the world is not
dumb-home-user free.

Re: WiFi security issues? Newbie ? for W7

On Tue, 21 Dec 2010 23:00:23 -0500, Steel wrote:

Quoted text here. Click to load it

Sidney Lambe (or the name) has been here before, to similar effect :-)

--
Gene E. Bloch (Stumbling Bloch)

Re: WiFi security issues? Newbie ? for W7

On 21/12/2010 10:41 PM, Big Steel wrote:
[...]
Quoted text here. Click to load it

[...]

It's what most people use. As in "ordinary clothes, ordinary cars,
ordinary food, ordinary houses, ordinary TV shows", and so on etc and so
forth.

HTH
Wolf K.

Site Timeline