Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Security hole?' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Security hole?
Authored by: ekc on Feb 08, '05 12:18:56PM
robg wrote:
(I tested it with SMB, printer, and personal sharing all disabled, and it still worked fine.)
Oh dear, I was under the impression that feature is disabled as long as printer sharing is off. As it is, I am concerned about people within Airport range sending long-distance faxes on my tab. I like this idea of a shared fax, but the apparent lack of any form of authentication is just scary.

[ Reply to This | # ]
Security hole?
Authored by: peragrin on Feb 08, '05 01:37:10PM

Where is the security on your airport. Though your concern is valid, it's just something else people can do on your internal network. They can also sniff your traffic, looking for passwords.

All airports should be secured. Even WEP which can be broken in short order is better than nothing. Airport extreme, and express both support WPA through an firmware update a couple of months back. It's stronger than WEP though it to can be broken.

---
I thought once I was found but it was only a dream



[ Reply to This | # ]
Security hole?
Authored by: ekc on Feb 08, '05 04:37:24PM
I wish I had more faith in wireless security, but WEP is something of a joke, and since I have a mixture of newer and older hardware, I am pretty much stuck with it. WPA may be much stronger, but you are still placing all your faith in a single password to secure the entire LAN.

I would much rather see that second level of protection. In this day and age, even services restricted to a local network need to be properly authenticated. Thankfully, most of them already are. Even AppleShare no longer sends passwords in the clear. Printer and fax sharing are among the few hold-outs. While the former has some prank potential, the latter is downright dangerous.

I have file a bug report with Apple over this, and it remains to be seen whether they add authentication under Tiger. If they can do it for iTunes music sharing (as if I care that the neighbours are tuning into my playlists), surely they can do for printer/fax sharing too.

[ Reply to This | # ]

Security hole?
Authored by: basskiwi on Feb 09, '05 07:30:37AM

Well you could use the built in radius auth client in the airport basestations... There's even a nice interface for setting it up <A HREF="http://www.carpestellarem.com/Products/StellarRADIUS.php">http://www.carpestellarem.com/Products/StellarRADIUS.php</A>

That way you can give each of your users a certificate and password combination to get onto your network - EAP-TTLS



[ Reply to This | # ]