Friday, August 12, 2005

More on war driving and WiFi security

More and more articles are popping up talking about war driving and home users who are not locking down their wireless networks. Well folks, it is not as easy as they would make it seem. There are two modes. Unsecured and Secured. If your WAP is unsecured it means that you are broadcasting your SSID to the world and you are broadcasting information via clear text format and NOT having it encrypted via either WEP or WPA. So, with that in mind I set out this evening trying to get my laptop wireless adapter (pcmcia card) to connect to the Motorola WAP in my house with WPA 64bit or 128 bit encryption. After about an hour I gave up. LOL... I am not sure WHY exactly I could not make it work. However I did figure out a work around with regards to securing my access point to the public. Everyone can do this so I would highly recommend you doing this if you have not.
Log on to your wireless router and go into Wireless networking. Turn SSID broadcasting off. When you do that someone war driving in your neighborhood with a laptop that is sniffing for a WAP wont find yours. You can further lock down your WAP by going in and adding the MAC address to an accepted MAC address list on your WAP. That means that if the MAC address that is trying to connect is not found in the approved list it wont make the connection.
So, my WAP is now invisible to outsiders and you have to know my MAC address for my wireless network card to connect.
Here is another word on war driving folks. In some states it is actually a felony if you get caught intentionally connecting to someone's WAP and accessing the Internet without their permission. There are not many states implementing this and I guess some of these laws are more municipal ordinances and not really statutes. So, that means if you war drive like I do from time to time you need to know what the law is because ignorance is no excuse.
When I need to find a place to log on so I can check my e-mail when I am away from home I never go into a residential neighborhood. What I do is I find a busy business district and start scanning for WAP signals and when I find some I just pull into a parking lot and join an unsecured business WAP, check my email and go along my merry way. DOH!!! Why are businesses not locking down their WAP's ?
Did you see the news article in the Post and Courier here in Charleston where the city is going to be implementing a wireless cloud over the entire Charleston peninsula by sometime in 2006 ? They said it would cost 1 million or more to do this but wireless Internet would be free for all within this cloud. Wahoooo, I cant wait. LOL...
Something else I did on my network inside the house is to lock down web access. I installed Weblocker on the kids computer and I turned on IE Content Management control. That means that there is a master password for IE content management on my main pc and if the kids try to go to a site that is being denied they have to figure out the master password to add it to the accepted website list. I also turned off the ability to view unrated sites. So if the site is not rated it wont be viewed by wandering eyes.

Which way will Irene go?

According to the news articles I just read on the NET Irene is still a tropical storm BUT it may be upgraded to hurricane strength sometime Friday night. Well, I suppose that is expected as the experts have predicted that the folks on the East Coast and the Gulf of Mexico can EXPECT to see a LOT of hurricane activity this year. We have until October/November before hurricane season is over and I predict that Charleston SC will probably see some activity. Even if Irene nails the outer banks of NC we will get a lot of rain and high wind. That is better than a direct hit but nonetheless with Charleston being below sea level we will experience some pretty high tides and plenty of flooding in downtown.
Ok, now that I have the weather portion of this blog completed let me say that not much has changed here. Pretty much same ole thing going on. The kids are back in school and Katy has started her new job as a TEACHER for Charleston County this year. Between now and the 22nd Katy will be attending workshops and Inservice training with other new teachers. Katy is just glowing with all of this new activity in her life even if it is sapping her of all her extra energy. Speaking of that WE need to find a way to get into the bed before 12 midnight. LOL...
I was off from work today and was HOPING to get to sleep past 7 am when Kristina (our princess) woke me up in the process of waking up her brother this morning at 6 am. So, I have been up and at em every since 6 am. Katy and I both crashed and burned this afternoon/evening on our respective TV sleeping positions (LOL) and missed Judge Judy. So, now that happy nappy time is over we can sip coffee and get supper to cooking.
I went to my SECOND interview at MUSC today. It was more of the same unfortunatly. Today I got to answer the same question I had answered before except that the shift supervisors were in attendance to listen to my answers. I think that I am still in the running for one of the three positions and should know more by next Wed when they are supposed to make a decision

Genuine Windows Validation HELL

I just discovered that I am unable to run Windows Update thanks to Microsoft implementing "Genuine Windows Validation" on their Windows Update Website. Thanks very much Microsoft. LOL...
It appears that the "type" of registration code is deemed invalid because it is the type of registration code that is only used in companies that use volume licensing. Volume licensing means that the company receives one master product registration code and they can install it on X amount of computers within their company.
What happens to employees when their company gives them a pc or laptop to take home to do work. They can not run Windows Update now because as soon as Microsoft notices that their product key is a company issued volume license and they are a home user then they will not be allowed to update their OS with the recent Microsoft security updates.
So, that ultimatly means that we will have pc users logged on to the Internet with computers with Microsoft Operating Systems that are not up to date and can be compromised by all of the latest security hacks and possibly create DOS attacks and spread viruses galore. Is that what Microsoft wants??