Re: Dumb question abt. Wireless WEP security 2

[Alvin Oga <alvin.sec () Virtual Linux-Consulting com>]

hi ya

> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > hi, here's another "dumb" question, if i'm using an unencrypted wireless
> > access point and oh, doing some online banking that is encrypted, even
> > if somebody was listening to the wireless part, wouldn't it still be
> > gogblygook?

even if it is... they can decrypt in a few seconds if your password/passphrase
is simple dictionary lookups ... "my pet's name is spot" is not agood passphrase

if you want to know your data is secure ...

        treat it as if you have a "spy" that can read/write anything you
        do and you assume the risk of which is the least risky

ssh/ssl encryption doesnt help if you use insecure passphrases
or an exploitable ssh daemon/clients

(wireless stuff) wep is cracked ...

more wireless fun
        http://www.Linux-Sec.net/Wireless/

btw.. for online banking... geez... you're asking to have $100K from
your bank acct ??? or charged to your credit card ??
        at least use your desktop w/ https for "online banking" ...

<paranoid>
c ya
alvin

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------