[sf-lug] WIFI set-up

Rick Moen rick at linuxmafia.com
Sun Apr 17 15:49:00 PDT 2016


Quoting maestro (maestro415 at gmail.com):

> as noted in my original mail, interested I am in configurations that
> KEEP/PREVENT getting 'knocked off'/disconnected from networks (that is/are
> incorporated IN linux distros of different types).

You cannot prevent flaky wifi networks from losing your user-auth status
and/or DHCP lease.  And it's not 'trolls/assholes knocking you off'.
It's just wifi flakiness.

Why _specifically_ did you think 'trolls/assholes knocking you off'?  I
figure:  really bad and somewhat Silly Wild-Assed Guess (SWAG) --
without _any_ plausible mechanism in mind, fighting against Occam's
Razor for every inch of ad-hockery.

As a very general point:  Don't slather additional layers of software
onto computers as a magic talisman against security threats, without
understanding what those threats are, and without _understanding security_.  
It will accomplish nothing useful, and you'll probably just DoS
yourself.


So, here we are, having another conversation where we discuss basics, and
I get the nagging impression there's a fundamental disconnect.  Let's
start here with a basic term I used that's essential to discussion of
security:  https://en.wikipedia.org/wiki/Attack_surface   Basically,
the attack surface of a machine on the Internet is its software
footprint that can be 'seen' (probed) from remote.  

Connect such a machine to the Internet, and its TCP/IP stack suddenly
has a visible presence.  (That _is_ the initial 'attack surface'.)  If
hypothetically the client machine is _also_ running publicly reachable
Internet services such as Samba (SMB Microsoft-style networking) or
Apache httpd (Web server), those would also become part of the attack
surface:  They would be part of what can be 'seen' (probed) from remote.

Except, _why_ would a workstation or laptop be running those at all, let
alone bound to public-facing network ports?  They just wouldn't.  You'd
have to go far out of your way to create that additional exposure.


The disconnect:  I get the recurring impression I'm talking into the
wind, whenever I speak of having awareness of what processes you
(generic-you) are running on computers, because few SF-LUG people seem
interested in actually knowing what their computers are doing, let alone
asserting control over that.

I'm betting few here have even figured out use and interpretation of the
'ps' command, let alone understand their distributions' startup scripts.

If people _did_, and otherwise showed signs of bothering to engage with
topic basics, I might talk about how to probe your own machine using
nmap, the way the bad guys might, as I talked about in my IDG article 
'Attacking Linux', back in 2000:
http://web.archive.org/web/20080427075329/http://security.itworld.com/4352/LWD000829hacking/pfindex.html
I'd _love_ to teach that.  It's not even difficult, and results are
often interesting, e.g., in probing Windows boxes and noting the
horrifying array of publicly reachable Internet services they run by
default.  But instead, we're stuck at the starting line, and people
instead want magic talismans so they don't have to understand Linux
basics.

And that's too bad.  Because actually being in control of what your
machine is and isn't doing -- that's your birthright as Linux users.




