On 7 Aug 2006 10:04:25 -0700, "Amanda" <amanda772008@yahoo.com> wrote in
<1154970265.127366.90240@75g2000cwc.googlegroups.c om>:

>> >"Such passwords are suitable for systems that limit the number of bad
>> >login attempts an attacker can make and protect the file containing the
>> >encrypted passwords (this is called password shadowing on Unix-based
>> >systems). Unless you are sure this is the case pick a stronger password
>> >following the advice below"
>>
>> That refers to a password of only 8 characters.
>
>Which refers to a password of only 8 characters? You means the
>passwords for systems that limit the number of bad login attempts?

I misspoke -- that actually refers to a password made up of two (and
only two) diceware words joined by a special character, which could even
be as short as only 3 characters, on average about 9 characters, and
might have to be truncated to 8 characters, since that's a not uncommon
limit. Such short passwords are vulnerable to brute force attack, and
should only be used if the system limits the number of bad
authentication attempts. Otherwise the password should be longer and/or
more random.

>> If you're like most people, ...
>
>I am not like most people:)- ...

OK, OK. :)

>> >Btw, if I want a guest to get onto my wireless network to use internet
>> >via the guest's laptop, what is the procedure I need to do on that
>> >laptop? Just enter "WPA Shared Key:" to give the guest access. I will
>> >have to do it only once, right?
>>
>> Right. But that compromises your security. Ideally you want a
>> hotspot-type router that can give them controlled access to the Internet
>> without needing your wireless key and isolating them from your own
>> wireless and wired clients.
>
>What of the guest is using his laptop given by his employer "Intel"? Am
>a I safer assuming that his laptop has high security? The guest is
>staying at my place temporarily.

There are two different security issues:

1. Wireless security. His laptop might well have high security, but
when you give him your key, there's a risk that he might inadvertently
give it to someone else. There are a number of ways to deal with this:

(a) Change your passphrase after he leaves. This is the least you
should do.

(b) Use a hotspot-type router with different security zones, putting
him in a guest zone. Unfortunately, commercial hotspot routers are
typically much more expensive than commodity routers, which is why
I recommended the alternative of running third-party firmware in a
Linksys WRT54GL.

(c) Use external RADIUS authentication on your WLAN. Radiuz
<http://radiuz.net> is a free service that I haven't used myself but
reportedly works well. You can give create a special account for your
guest, and delete it when he leaves. This also works well with 1(b)
above.

2. LAN security. Even if he's a good fellow that won't misuse access to
computers on your LAN/WLAN, his computer might be unknowingly infected
with malware (virus, trojan, spyware) that could. Again, there are a
number of ways to deal with this:

(a) Secure your LAN. What to do is covered in the How To wiki below.
This is the least you should do.

(b) Use a hotspot-type router with different security zones, putting
him in a guest zone that can only access the Internet. See 1(b) above.

The solution I most often recommend to those on a tight budget is
third-party firmware in a Linksys WRT54GL, with either tinyPEAP
<http://www.tinypeap.com> or Radiuz (1(c)).

>> The least expensive way to do that is with third-party firmware in supported
>> hardware like the Linksys WRT-54GL.
>
>That third-party firmware is not supported in WRT 54G, right?

It is supported in some models, but poorly or not at all in other
models.

>What "L"
>stands for in WRT-54GL.

"L" is presumed to stand for Linux, the free open source operating
system used in some models of the WRT54G.

See <http://en.wikipedia.org/wiki/WRT54G> for more info.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>