 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2
 ·CenturyLink
| Are Open SSIDs in decline quote:
This one started the setup by defaulting to WPA-2 / Personal, and asked me what I wanted to use for a key ! You really have to be determined now to create an Open SSID ( good news ! )
»isc.sans.edu/diary.html?storyid=13102
I just did a scan near me.
11 are secured (2x WEP which doesn't really count)
2 are open
1 is a coffee shop (open)
--
Don't feed trolls--it only makes them grow! |
|
OZOPremium
join:2003-01-17
kudos:2 | No, they're not.
You just have to know where to look.
--
Keep it simple, it'll become complex by itself... |
|
 nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7
 ·AT&T U-Verse
| reply to StuartMW
Yes, they are in decline.
I think this is a hardware change. Most of the newer routers setup some sort of security by default, and many people just go with the defaults.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 11.3; firefox 3.6.8 |
|
 DrStrangeTechnically feasiblePremium
join:2001-07-23
West Hartford, CT
kudos:1 | reply to StuartMW
Absolutely. |
|
 antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4
 ·RoadRunner Cable
| reply to nwrickert
said by nwrickert:Yes, they are in decline.
I think this is a hardware change. Most of the newer routers setup some sort of security by default, and many people just go with the defaults.
But which security? WPA? WEP?
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7 Reviews:
·AT&T U-Verse
| said by antdude:But which security? WPA? WEP?
Scanning from my window, 5 years ago I would have seen 2 WEP, 1 WPA (my own network) and a bunch of open nets.
Today, I see 3 or 4 WPA and around 7 or 8 WEP, nothing open.
It still looks as if most users are clueless, and going with the defaults. But the defaults are a bit better than before.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 11.3; firefox 3.6.8 |
|
 caffeinatorComing soon to a cup near you..Premium
join:2005-01-16
WA, USA
kudos:4
·CenturyLink
| said by nwrickert:said by antdude:But which security? WPA? WEP?
Scanning from my window, 5 years ago I would have seen 2 WEP, 1 WPA (my own network) and a bunch of open nets. Today, I see 3 or 4 WPA and around 7 or 8 WEP, nothing open. It still looks as if most users are clueless, and going with the defaults. But the defaults are a bit better than before. Agreed.
Setting up a laptop for a family member recently, I saw around 10 connections of which all were WPA and only one wasn't secured. But, it had to be intentional as the ID was DDWRT. Heheh.
This was wireless B/G only as the lappy doesn't do N. When you add up everything that I can see from my place... B is almost non-existent, WPA G is the vast majority with a few older routers still running WEP and maybe a couple N-capable routers once in awhile.
--
My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages |
|
 LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | reply to nwrickert
Out of 11 SSID's I can scan from home, there is 1 open(but protected by a guest password), 1 WEP, and the other 9 are WPA2. 2 years ago, most were open, a WPA, a couple WEPs. So, yes, things have changed. |
|
| reply to StuartMW
I don't see this as "stealing" when
A)You advertise your network as "Open".
B)You extend your network into my house... |
|
caffeinatorComing soon to a cup near you..Premium
join:2005-01-16
WA, USA
kudos:4 Reviews:
·CenturyLink
| said by crypto :
I don't see this as "stealing" when
A)You advertise your network as "Open".
B)You extend your network into my house...
I would generally agree with A), but the Law wouldn't.
I don't really agree with B) on the grounds of it being very difficult to limit the area you may transmit to using consumer hardware and with average users in mind. Sure, you can usually change power levels, but how many non-geeks know how to do that?
Bascially, what choice do they have? Most people I know IRL don't even know what Wi-Fi actually is, much less how a router works.
Oh, and how exactly would you test the radius in a multi-dwelling situation?
I live in an old Apartment building in a decent-szed 1BR apartment, but the guy down the hall in the tiny Studio doesn't even have his own bathroom, that's how small his is. Another dude downstairs I actually sold a router to...his is about the same size and he doesn't even use any security at all. Funny when you see a SSID that you'd setup in your list from someone else. 
Explain to me how you could limit and test the wi-fi transmission area in a 15'x25' Apt. For the computer/Internet illiterate people as well, because the majority of users are.
--
My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages |
|
| quote:
I would generally agree with A), but the Law wouldn't.
Precedence/legislation citation?
quote:
I don't really agree with B) on the grounds of it being very difficult to limit...
If you don't know how it works or how to work it, don't use it. Its negligence on your part if you do.
Its like opening your doors, yelling into the street your house is open and available for anyone to use, acknowledge them as they walk up, then charging everyone who walks in with trespassing.
I could go on for pages, listing things like public domain, airspace, property lines, bandwidth, non-physical, etc.,etc., but I think I've made my point and end it now. |
|
|
|
nwrickertsand groperPremium,MVM
join:2004-09-04
Geneva, IL
kudos:7 Reviews:
·AT&T U-Verse
| reply to caffeinator
said by caffeinator:I would generally agree with A), but the Law wouldn't. I don't think there's a decisive legal precedent at present.
Personally, I agree with the principle - the network is advertised as open, and when you request an IP address, one is offered. So it seems that you were invited.
If MAC filtering or even the insecure WEP is in use, then it's a far clearer case that there is some element of breaking in. If the only protection is a hidden SSID, or not running a DHCP server, it gets more iffy as to how the law would look at things.
My general advice: Use WPA, do not hide the SSID, do not use MAC filtering.
If, for some reason, you cannot use WPA (compatibility with an old device, perhaps), then use either WEP or MAC filtering. This won't keep the determined hackers out, though there would be a better legal case against them (if you catch them). And it will keep the neighbor from accidentally connecting to your network.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 12.1; firefox 12.0 |
|
| said by nwrickert:If MAC filtering or even the insecure WEP is in use, then it's a far clearer case that there is some element of breaking in.
Right, so in the case of MAC filter a spoof would be an act of fraud, but WEP is so simplistic that its basically just a different language and easily learned through listening. I don't consider it security and I'm surprised the industry wasn't dragged through the courts by class action law suits for labeling their product as secure. |
|
 smunro622Premium
join:2006-02-15
Madison Heights, MI | reply to StuartMW
In a recent legal decision the open wifi and wireless was cited as a ip belonging to a person no holds water...should be intersting in future legal battles |
|
LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5
1 edit | reply to nwrickert
I set mine to be as annoying as possible to see and access. I use WPA2 AES (no TKIP) with a randomly generated SSID & a randomly generated password of at least 20 characters. I use MAC filtering; hidden SSID; DHCP off; remote mgt turned off; guest networks disabled; WiFi protected setup disabled; and power level turned down so that wireless footprint doesn't extend beyond property line. And the IP address of the router and net changed from the default 192.168.1.1.
All my devices are hard coded with network info and don't use DHCP.
Does this mean it is impossible to break-in to my network? No. But it would take a truly determined person, with lots of tools, and a powerful computer to crack WPA2 encryption. For most neighbors, my net doesn't exist and even accidental access attempts are unlikely.
My router logs have never shown even an attempt to access the network. |
|
antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4 Reviews:
·RoadRunner Cable
| said by Linklist:... My router logs have never shown even an attempt to access the network. Which router do you have to show attempts? |
|
caffeinatorComing soon to a cup near you..Premium
join:2005-01-16
WA, USA
kudos:4 Reviews:
·CenturyLink
| reply to crypto
So, every computer user in the USA is expected to know how to properly setup a router or be told to GTFO? That won't happen.
The point you've made is from the viewpoint of someone familiar with computers and technology. Good for you, I understand that POV, but the vast majority of users don't know what any of this means and don't want to.
They just want to use their things.
--
My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages |
|
LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | reply to antdude
said by antdude:said by Linklist:... My router logs have never shown even an attempt to access the network. Which router do you have to show attempts? Netgear WNDR3700.
Wireless Access, both allowed & denied, is logged. As well as any connections to web based router interface. |
|
antdudeA Ninja AntPremium,VIP
join:2001-03-25
United State
kudos:4 Reviews:
·RoadRunner Cable
| said by Linklist:said by antdude:said by Linklist:... My router logs have never shown even an attempt to access the network. Which router do you have to show attempts? Netgear WNDR3700. Wireless Access, both allowed & denied, is logged. As well as any connections to web based router interface. Ah. I had to use Debian/Linux's Arpwatch with my Linksys WRT54GL (stock firmware), but that only shows successfully connections and MAC addresses can be faked.
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
 Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | If you are lucky you can get free and open SSID in your neighbor's yard.
You got mail!
»creativity-online.com/work/terra···fi/27321
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
|
|
