apngss@yahoo.com wrote:
> I am using a Linksys Wireless Adapter. On site survey, I am able to
> see the list of nearby wireless networks. For each wireless network, I
> am able to see the SSID, wireless mode, channel, security mechanism,
> and MAC address.
> It is quite scary because we could see MAC address too? That means
> people can hack the system?
> I have seen some SSID that doesn't use any encryption at all. Does it
> mean I am able to login to that wireless network without any security?
> But I tried and it says couldn't find the access point. I am confused
> because that wireless network can be scanned on site survey, then how
> come it says couldn't find the access point?
> Please advise. Thanks!!
Even if the SSID you're seeing is not encrypted, the Access Point may be
configured to associate only with certain clients, as Pat mentioned.
> [TELECOM Digest Editor's Note: First, I want to apologize that no
> one seemed willing to talk about this to you yesterday when you first
> wrote me, asking about WEP encryption. I provided you with a few
> links to examine, they were easily found through Google with the
> search key 'WEP Encryption Tools'. I hope that helped you out some.
Pat, the reason those "in the know" about WEP and its weaknesses don't
like to talk about it is that we sometimes use it for our customers.
The problem is that WPA, although it has much better security, is
notoriously hard to get running, especially between nodes made by
different manufacturers. I've had occasions where I promised to
encrypt a customer's WiFI network and was forced to use WEP rather
than admit I couldn't get WPA to function.
> Perhaps why it displays these places to you on site survey yet
> claims it is unable to reach them is because although encryption
> is a powerful tool to keep people out of your business (I use 64-bit
> encryption with my wireless card) there are a couple other lines of
> defense: One is to tell your router/adapter/whatever "do not broadcast
> my name" leaving intruders to guess at whatever name you call your
> wireless link and/or your computer, and two, telling your router/adapter
> "do not respond to anyone but myself (MAC address, etc). By using
> 64-bit encryption along with 'do not broadcast' and 'do not respond'
> you do make things more difficult, essentially if not totally, private.
> PAT]
I'm tempted to admonish you to switch from 64 bit to 128 bit WEP, but
it's just a reflex, akin to wishing I had used a code when the teacher
caught me passing a note in class and read it aloud.
The fact is that _any_ WEP encryption is really just a "No
Trespassing" sign placed on an access point: a lock designed only to
keep honest people honest, not to keep out thieves. WEP is the "Beware
of Dog" sign of the WiFi biz: it's just window dressing for those who
don't know any better, and we don't like to talk about it because
sometimes it's all we have.
William Warren
(Filter noise from my address for direct replies)
William Warren (william_warren_nonoise@speakeasy.net)