[clue-tech] Re: Wireless security again

Collins Richey crichey at gmail.com
Tue May 17 20:49:02 MDT 2005 

On 5/16/05, Collins Richey <crichey at gmail.com> wrote:
> A friend just gave me a WRT54G unit which is working ok for the two
> windows laptops in the household - both have builtin .G functionality.
> I haven't completed the setup to use Linux (one of the laptops is dual
> boot).
> 
> I've setup the unit and the laptops for WEP 120bit security, but I'm
> not really interested in leaving one these beasts connected 24x7. My
> planned use of the unit is as follows
> 

[ layout snipped - see previous ]

> I'm just wondering what the real exposure is, since neither of my
> regular PCs will ever be on the wireless connection. 

Thanks for the replies thus far. It's not practical to put the WRT54G
in the basement - no hard wiring there. Also, the WRT54G is near a
wall/window, so it's range would be pretty good on that side of the
neighborhood.

To follow up on my earlier question, is there a likely (or even
difficult) path through the wireless connection to get to my desktop
PCs? Give the diagram, lets say the wired router hands out addresses
like 192.168.4.nnn. The WRTG gets one of these addresses on its
inbound side and hands out addresses like 192.168.5.nnn where
192.168.5.1 is reserved for the WRT45G itself. All of these addresses
are private, non-legit for the public.

Can a sniffer break into one of my wireless laptops and tunnel into
the 192.168.4.nnn range?

To be a little more specific about usage, neither of the laptops are
intended for any kind of financial transactions, but the Windows
desktop PC does a few Ebay and Paypal transactions per week.
Supposedly, these are well encrypted. Can a sniffer be looking at
those transactions given the description above?

Before anyone suggests it, I'm NOT into putting up a permanent 24x7
firewall machine. That's an obvious solution, but I don't want
anything running 24x7 except the cable modem and hardwired router.

HTH,

-- 
 Collins
       Head teachers of the world unite: you have nothing to lose but 
       the Start button.

More information about the clue-tech mailing list