On Tue, Nov 01, 2005 at 11:09:13AM -0500, Gunnar Wolf wrote: >Regarding wireless: No encryption is needed. We will set up our own >infrastructure. Oaxtepec does not care much about it. I think we >should leave the net open, or at most with WEP. Please consider the security problems associated with a wireless network. During debconf5, somebody run a dhcp server accidentally, stopping proper dhcp leases to be delivered to new clients. It is very important to warn people about disabling any dhcp server that they may have configured on their laptops. A more serious problem happened during LCA 2005, http://linux.conf.au, in Canberra. A malicious dhcp server was set up to route network traffic to a bogus web server. People were urged to use ssh public keys only and to not send any password (even encrypted ones) over the network as they could be cracked offline by the attacker. We should ask everyone to configure their laptops and ssh servers at home/work to use public keys. Aníbal Monsalve Salazar -- .''`. Debian GNU/Linux : :' : Free Operating System `. `' http://debian.org/ `- http://v7w.com/anibal
Attachment:
signature.asc
Description: Digital signature