[sf-lug] WIFI set-up
maestro
maestro415 at gmail.com
Mon Apr 18 04:49:08 PDT 2016
quoting rick moen:
>>And it's not 'trolls/assholes knocking you off'.
>>It's just wifi flakiness.
are you actually stating it is totally impossible for someone to disconnect
others from a shared (or public) wifi connection (besides the admin{s} )?
prove it.
>>Don't slather additional layers of software
>>onto computers as a magic talisman against security threats, without
>>understanding what those threats are, and without _understanding
security_.
>>It will accomplish nothing useful, and you'll probably just DoS
>>yourself.
agreed.
interesting you don't discuss how YOU configure your system(s).
that's entirely your perogative, but it's circling the topic with
information, some of it good, without "here's what i do".
>>If people _did_, and otherwise showed signs of bothering to engage with
>>topic basics, I might talk about how to probe your own machine using
>>nmap, the way the bad guys might.
many don't join a conversation until someone is talking about something
that engages them.
i will only speak for myself...i'm listening...
>>I'd _love_ to teach that. It's not even difficult, and results are
often interesting,
no one's stopping you. you could even start a thread here, @ sf-lug mailing
list...
>>I'm betting few here have even figured out use and interpretation of the
>>'ps' command, let alone understand their distributions' startup scripts.
possibly, and quite possibly they are ripe for learning ^^^
>>I get the recurring impression I'm talking into the
>>wind
try listening to the wind more...
>>whenever I speak of having awareness of what processes you
>>(generic-you) are running on computers, because few SF-LUG people seem
>>interested in actually knowing what their computers are doing, let alone
>>asserting control over that.
i disagree. i think more and more people are wanting to be less intimidated
by linux
and want to learn how things work on their system(s). we have new users
coming to
meetings initially sheepish, thinking it's going to be a full-on
'snowden'-like hackfest, realize
it's not, and keep coming back. bobbie and michael are excellent with
keeping fresh distros
distributed and the magazines and tux on the tables...
and we soldier on...some unable to get mail from back home as they can't
connect to the wifi @ the cafe.
message ends.
__________________
On Sun, Apr 17, 2016 at 3:49 PM, Rick Moen <rick at linuxmafia.com> wrote:
> Quoting maestro (maestro415 at gmail.com):
>
> > as noted in my original mail, interested i am in configurations that
> > KEEP/PREVENT getting 'knocked off'/disconnected from networks (that
> is/are
> > incorporated IN linux distros of different types).
>
> You cannot prevent flaky wifi networks from losing your user-auth status
> and/or DHCP lease. And it's not 'trolls/assholes knocking you off'.
> It's just wifi flakiness.
>
> Why _specifically_ did you think 'trolls/assholes knocking you off'? I
> figure: really bad and somewhat Silly Wild-Assed Guess (SWAG) --
> without _any_ plausible mechanism in mind, fighting against Occam's
> Razor for every inch of ad-hockery.
>
> As a very general point: Don't slather additional layers of software
> onto computers as a magic talisman against security threats, without
> understanding what those threats are, and without _understanding security_.
> It will accomplish nothing useful, and you'll probably just DoS
> yourself.
>
>
> So, here we are, having another conversation where we discuss basics, and
> I get the nagging impression there's a fundamental disconnect. Let's
> start here with a basic term I used that's essential to discussion of
> security: https://en.wikipedia.org/wiki/Attack_surface Basically,
> the attack surface of a machine on the Internet is its software
> footprint that can be 'seen' (probed) from remote.
>
> Connect such a machine to the Internet, and its TCP/IP stack suddenly
> has a visible presence. (That _is_ the initial 'attack surface'.) If
> hypothetically the client machine is _also_ running publicly reachable
> Internet services such as Samba (SMB Microsoft-style networking) or
> Apache httpd (Web server), those would also become part of the attack
> surface: They would be part of what can be 'seen' (probed) from remote.
>
> Except, _why_ would a workstation or laptop be running those at all, let
> alone bound to public-facing network ports? They just wouldn't. You'd
> have to go far out of your way to create that additional exposure.
>
>
> The disconnect: I get the recurring impression I'm talking into the
> wind, whenever I speak of having awareness of what processes you
> (generic-you) are running on computers, because few SF-LUG people seem
> interested in actually knowing what their computers are doing, let alone
> asserting control over that.
>
> I'm betting few here have even figured out use and interpretation of the
> 'ps' command, let alone understand their distributions' startup scripts.
>
> If people _did_, and otherwise showed signs of bothering to engage with
> topic basics, I might talk about how to probe your own machine using
> nmap, the way the bad guys might, as I talked about in my IDG article
> 'Attacking Linux', back in 2000:
>
> http://web.archive.org/web/20080427075329/http://security.itworld.com/4352/LWD000829hacking/pfindex.html
> I'd _love_ to teach that. It's not even difficult, and results are
> often interesting, e.g., in probing Windows boxes and noting the
> horrifying array of publicly reachable Internet services they run by
> default. But instead, we're stuck at the starting line, and people
> instead want magic talismans so they don't have to understand Linux
> basics.
>
> And that's too bad. Because actually being in control of what your
> machine is and isn't doing -- that's your birthright as Linux users.
>
>
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug
> Information about SF-LUG is at http://www.sf-lug.org/
>
--
*~the quieter you become, the more you are able to hear...*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/sf-lug/attachments/20160418/84ea0e0e/attachment.html>
More information about the sf-lug
mailing list