Re: First time home wireless - how to match PC to router - setup question
Roger Harrison
06-18-2007, 05:55 AM

On Sun, 17 Jun 2007 19:47:58 -0700, Jeff Liebermann wrote:
> if I have physical access, I can extract the key from the registry.

Thanks to you, I am now better informed. I would assume this
WPA2-Pre-shared-key can also be extracted with a "virus" or a "trojan" ...
Is that correct?

> I believe that 20 characters minimum is considered best practices.

I just type away on the router to set the key and then write it down to
bring to the PCs. These pre-shared keys are around 20 or 25 characters but
I'll go longer from now on now that I know it's the holy grail.

>> One question: Do I have to use 192.168.xxx.xxx?

> 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
> They don't route anywhere.

Interesting. Very interesting. I think I'll rotate through these additional
addresses in my Sunday changes. I'll read up on the netmask stuff as it
seems to be the opposite of what I thought originally. Thanks.

> DHCP range limiting was never intended to be [a] security feature.

Bummer. Got it.

> when I worked in engineering many years ago, the drafting department
> gave me a "change everything" rubber stamp as a present.

I believe it!

> As I said in my previous rant, your primary and probably sole real
> security feature is the WPA or WPA2 shared key.

I'll spend more time making the WPA2-PSK key longer and harder to guess.
I've been using all the funky characters and I will try to use at least 30
characters each week.

> There is a wireless Windoze workaround at:
> <http://www.cacetech.com/products/airpcap.htm>

I'll check this suggestion out as I am very interested in seeing my first
packets ever!

> Either use a hub, which is really a repeater that repeats
> everything going into any port to all the other ports, or get a high
> end ethernet switch that has a configurable monitor port.]

All I have is a Windows PC with a wireless router. I don't know about
"hubs" or "switches". Presumably the router is both a hub and a switch.

> Yep. That's what I've been trying to explain for the last 3 messages.
> Using DHCP to limit available IP's with a /25 netmask doesn't work.

As I said, and as you said, I need to bone up on the netmask!


>> Does netstumbler really provide the MAC addresses of the
>> client machines?

> No. Netstumbler is NOT a passive sniffer.
> I suggest using backtrack & kismet.
> That should show client MAC addresses

I think I'll set up a separate spare PC for that as it sounds interesting.
I also have Knoppix CDs so I might see if I can somehow use Knoppix with
Kismet.

> I often have the two routers
> connect to each other, thus forming a VPN tunnel,
> which makes my office and home network look like one big LAN.
> All the traffic is encrypted by the tunnel, so hotspot sniffing
> is useless.
> They run DD-WRT V23 SP2 and SP3 respectively. Try it:
> <https://home.LearnByDestroying.com:8080>

I saw "Suzy", "micron", and "BLITZEN". :)

> Use some form of monitoring to determine what your network is
> doing and who is on it.

Got it. I'm working on that as noted above.

> You might want to read the FAQ for alt.internet.wireless.
> FAQ for Wireless Internet: <http://Wireless.wikia.com>
> FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
> Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
> Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

Will do! Thanks!

I hope to learn more and more and more so I'll go quiet a while so I can
learn without troubling others!

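Added example, not part of the original post or thread: a small monitoring check tied to the quoted points about the private address ranges, the /25 netmask, and DHCP range limiting. It sorts observed client addresses into "inside the DHCP pool", "on the LAN but outside the pool" (a statically configured client, which works regardless of the pool size) and "outside the subnet". The LAN prefix, pool bounds and observed addresses are constructed sample values.

```python
import ipaddress

# The three private ranges quoted in the post (RFC 1918).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr falls inside one of the three private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def classify_clients(lan, pool_first, pool_last, observed):
    """Sort observed client addresses relative to the LAN and its DHCP pool."""
    net = ipaddress.ip_network(lan)
    first = ipaddress.ip_address(pool_first)
    last = ipaddress.ip_address(pool_last)
    report = {"in_pool": [], "static_on_lan": [], "off_subnet": []}
    for addr in observed:
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            # The netmask, not the DHCP pool, decides what is on-link.
            report["off_subnet"].append(addr)
        elif first <= ip <= last:
            report["in_pool"].append(addr)
        else:
            # Valid LAN address the DHCP server never handed out:
            # someone typed it in by hand.
            report["static_on_lan"].append(addr)
    return report


# Constructed sample: a /25 LAN (hosts .1 to .126) with an 11-address pool.
SAMPLE_LAN = "172.16.5.0/25"
SAMPLE_OBSERVED = ["172.16.5.101", "172.16.5.20", "172.16.5.200", "172.16.5.110"]

if __name__ == "__main__":
    result = classify_clients(SAMPLE_LAN, "172.16.5.100", "172.16.5.110",
                              SAMPLE_OBSERVED)
    for bucket, addrs in result.items():
        print(f"{bucket}: {addrs}")
```

Anything reported under static_on_lan is a client that joined without asking the DHCP server, which is why the pool size does nothing for access control and the WPA2 key does.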