RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Just two questions........The computer question?
From:
Kenneth Newman <[log in to unmask]>
Reply To:
Records Management Program <[log in to unmask]>
Date:
Wed, 28 Feb 2007 07:40:26 -1000
Content-Type:
text/plain
Parts/Attachments:
text/plain (165 lines) 
Greetings, all. Being a security person rather than a records person,
I've just been lurking on this list for quite a while. However, since
there's a security related topic here that I have quite a bit of
experience in, I thought I'd throw in my 2 cents.

As far as wireless security goes, multiple layers of protection are
required. One alone seldom does it. Many of controls mentioned in this
thread should be considered - all together.

WPA is indeed better than WEP in most respects. However, in Preshared
Key mode (in other words, without an authentication infrastructure which
is how most individuals use it), it is also susceptible to brute force
attack. This might take a while, but it's quite possible to sniff
encrypted traffic for a long while and save it until the key is cracked.

MAC address filtering does limit access to authorized systems, but MAC
address spoofing is fairly easy. Some of the wireless access point
vendors used to provide software to change your MAC address. Such tools
are still readily available on the Internet. Because only wireless data
frames (and not management frames) are encrypted, it's not really that
difficult to identify authorized MAC addresses and then copy them when
the authorized user disconnects.

Turning off the router while not in use is also a good idea. This along
with such configuration changes as disabling broadcasts, reducing signal
strength, limiting acceptable connection speeds, and not allowing NULL
or ANY ESSIDs to connect  will go along way to making an access point
less visable/noticable.

Ken

-----Original Message-----
From: Records Management Program [mailto:[log in to unmask]] On
Behalf Of Gerry McFatridge
Sent: Wednesday, February 28, 2007 3:41 AM
To: [log in to unmask]
Subject: Re: Just two questions........The computer question?


>If you're using a properly set up WEP Key, others won't find your
router....
>it should have a 128 bit key.

Well...widely available tools allow one to crack a 128 bit WEP in as
little as 60 seconds and the length of a WEP key does nothing to prevent
someone running a sniffer such as KisMac from finding you. 

WPA and MAC address limitation is really the way to go. Also, someone
using a laptop at home is not likely to leave their pc on 24/7 so
turning the power off on the router unless you're using it also will
make it a bit more difficult for folks to find you.  


> because the licensed version of W-XP is loaded once and you're trying
to re-load it?

I'm not sure what hurdles one may run into with validating WinXP
repeatedly in a virtualized environment. I have found thru personal
experience that validating WinXP when reinstalling due to a failed hard
drive or such is not a big deal - I've never even had to call Microsoft
as others have reported.

On the other hand, why run XP under Parallels Desktop when Windows 2000
runs fine and does not require validation. Snag a copy of Win2K while
you still can <grin>!!



Gerry

 

-----Original Message-----
From: Records Management Program [mailto:[log in to unmask]] On
Behalf Of Larry Medina
Sent: Tuesday, February 27, 2007 5:21 PM
To: [log in to unmask]
Subject: Re: Just two questions........The computer question?

On 2/27/07, Gerry McFatridge <[log in to unmask]> wrote:
>
> The only thing you  should worry about is making sure that your router

> is set up properly so that you have set your own login/password and
> are not using the default login/password. Use either WEP or WPA and 
> set it so that your router name is not broadcast which will make it 
> just a bit trickier for folks to even find your wireless router.


If you're using a properly set up WEP Key, others won't find your
router....
it should have a 128 bit key.

If you are going
> to be the only person using your Airport router I suggest that you 
> also set it so that it only allows a connection based on the MAC 
> address of your pc. In this case the MAC address has nothing to do 
> with your using a Mac - the MAC address is basically a unique network 
> adress (kind of like a serial number)that will basically tell your 
> router that you are who you say you are and not let anyone else
connect to your router.


Bingo!

As far as a firewall on your Mac itself the builtin OS X firewall is all
> you need. Since almost all the spyware/malware/virii/etc. you are 
> likely to come across is meant for the Windows crowd you really do not

> have to worry about "catching" something from a website or email.


And I think this is the issue... if you are running Parallels and  have
a PC Image of Windows on the Mac you can receive these spy/mal, etc
"ware" on that Parallels image, then you have to discard the image and
re-install a new image.... but will "Uncle Bill of Redmond" allow that,
seeing as you've already installed it once????? Does this become an
issue of DRM, because the licensed version of W-XP is loaded once and
you're trying to re-load it?

Your tech rep may be right in regards to no viruses messing up OS X but
> that has not always been true for Macs. The very first computer virus 
> I ever had to deal with was on my Mac SE back in the late 1980's. 
> However, the Mac operating system then (System 6)was totally different

> from the operating system now so that is really an apple/oranges sort 
> of comparison.


Ha ha ha... I get it  "Apples and Oranges" =)

If you do need to run some Windows app at some later date you can always
> worry about creating a partition for Bootcamp to do its thing then or 
> you could just use Parallels Desktop to run Windows in a virtual 
> window which would allow you to tun OS X and Windows at the same time 
> (which is pretty cool - Bootcamp requires booting up in one or the 
> other operating system).
>
> Enjoy your new system!!


But again, I'd have to ask, if you try to reload it, will it allow you
to?

I'm doing my level best to avoid buying Paralleles and loading an
instance of W-XP on my MacBookPro so I don't have to deal with this
personally, but Hugh may be in a different "place" in his world.

Larry


--
Larry Medina
Danville, CA
RIM Professional since 1972

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

ATOM RSS1 RSS2