Taking a moment's reflection, Doug Jamal mused: | | That is not necessarily true. I am currently using WPA-PSK (AES | cipher). The equipment I am utilizing is the Netgear WG511T card in | conjunction with the D-Link DWL2100AP (rev C) using the latest | firmware release for both devices.
... but are you using Netgear's connection tool for the wireless client, or are you using the built in XP (WZC) connector? As stated originally, my comments only apply to the built in connection manager. AES will work under XP ... just not with the built in tool.
Taking a moment's reflection, Floyd L. Davidson mused: | | I don't agree that having wireless at the FBI building in DC is | insane either. My bet is they do. And they probably have | intentionally put in a non-trivial security flaw too! And then | bait it with something juicy... :-)
Are you suggesting the feds would honey pot their own offices? Surely not! ;-)
I'm not a security expert and am no longer in the awkward positions of having to administer and guarantee the security and integrity of my customers systems. (Wooopeee!) Although I use Firefox heavily, I haven't really played with all the myriad of extensions and toolbars. A quick look at Spoofstick:
formatting link
interesting, possibly useful, but due to lack of experience, I have no opinion.
However, such a program will do nothing for the current crop of DNS cache corruption exploits, that redirect the DNS lookup to the phishing site. There's nothing a user can do to authenticate the DNS lookup. BofA is adding "sitekey" in an attempt to mitigate the phishing problem:
formatting link
In general, programs that require an intelligent decision on the part of the GUM (great unwashed masses) is doomed to failure. I install personal firewall, anti-virus, and anti-spyware programs on my customers computahs. Depending on what they're doing (installs, updates, getting attacked) these programs offer pop-up windows that ask the user for an intelligent decision. The batting average of the GUM is dismal. Most will consistently make the wrong decision. In my cynical opinion, such decision based security methods are only useful for intelligent and informed users, which seem to be in short supply.
In my never humble opinion, the security problem breaks down quite simply. It's choice between authentication and anonymity. You can't really have both at the same time. In order to prevent spoofing, phishing, identity theft, spam, and such, it would be easy enough to authenticate every packet, that would be traceable back to its point of origin. That would solve most of the outstanding security issues quite easily. Just one catch. You loose all possibilities of anonymity. Anonymous political and corporate dissent would effectively be over. I wouldn't be able to cruise the p*rn sites and buy lingerie for my mistress without having the packets traced back directly to me. (What a horrible thought). So, while waiting for the GUM to decide how they want it done, various compromises are thrown together, which methinks will generally fail or be circumvented. Lacking a suitable consensus, our beloved government has the bad habit of making such decisions for us and given the opportunity, will surely do so.
I was reading your comment about URL redirectors which made me think about Mozilla Firefox with the extension called Spoofstick. This extension is supposed to show the TRUE URL to which your browser is pointed even if you have been redirected to a phishing site. In other words the URL address line may show
formatting link
whereas the Spoofstick URL address line would show you to actually be at
formatting link
Any comments as to the effectiveness of the Mozilla browser with that extension?
You did Mark, and anybody can look at it to see. You cut the entire end of a sentence off, and responded to the introductory phrase as if the rest of it didn't exist.
Now, excuse yourself if you have the courage, or not, it makes little difference, your rudeness can't be erased anyway.
Mark, the introductory phrase was *not* the import of that sentence. If isn't clear to you, *read**it*. The rest of the sentence held virtually *all* of the meaning, which you totally ignored and responded as if I was saying that the phrase you selected was, all by itself, of some significance. It clearly
*changed* the meaning of my statement!
That is *dishonest* editing, when you clip the majority of a sentence out and act as if the first half dozen words stood alone. I they had, I'd have put a *period* at the point you cut into it.
Your comments are offenseive, gratuitous and asinine. Not to mention dishonest and wrong.
Is that clear enough? If you'd had the courage to read it again and simply say, "Opps, I misread it and made a mistake." I say, "Well, shucks Mark, we all do that. Have a good day."
Instead you come back with all attitude and no logic.
So what? The rest of your sentence was mere context and snipping it didn't change the meaning in the slightest. Trimming postings is commonplace, and I didn't edit a single word that you wrote.
Neither can your offensive accusation. Sorry about the fsck-off, but I really found your remark offensive and gratuitous.
I've nothing more to say on this matter. If you want to take it further, feel free to shout into the aether.
Yes, sir. My AES cipher works with both the Netgear utility as well as with the Windows XP SP-2 WZC utility. Of course, it works in conjunction with my APs encryption settings (WPA-PSK - AES).
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.