Wi[r]eless security (was: Suspend bug)

David G. Miller dave at davenjudy.org
Mon Feb 5 15:49:28 UTC 2007 

Les <hlhowell at pacbell.net> wrote:

> On Sun, 2007-02-04 at 11:07 -0700, David G. Miller wrote: Snip!
>> > Oh yeah.  One other thing I do is my AP is in my basement.  The basement 
>> > walls are concrete with rebar so they do a good job of attenuating the 
>> > WiFi signal.  Makes it even harder to crack my network on a drive by but 
>> > someone on my neighbor's roof would probably still get a decent signal.
>> > 
>> > I always like the saying, "Locks keep an honest person honest."  To this 
>> > I add, "... or divert the dishonest person to look for someone with a 
>> > weaker lock."
>>     
>
> Hi, Dave,
> 	Have you confirmed the signal condition from your basement?  The WLAN
> signal is very multipath capable, and the receivers for good systems can
> pick it out of the mud with only about a 1db SNR.  That is about 10
> times as sensitive as most Ham Radios, and about 10000 times more
> sensitive than most AM or FM table radios.
>
> 	The technology is really amazing.
>
> Regards,
> Les H
Actually, it was experimentation while visiting my parents.  Turns out 
that one of their neighbors runs an open AP.  I get a good signal to the 
neighbor's AP when I'm on the main floor of my folk's place but an 
unusable signal when I'm in their basement.  I get the best signal when 
I'm at the end of their house closest to this neighbor.  This is with 
concrete block foundations and wood frame houses.  I don't know where 
their neighbor has his AP.  This also fits with my experience helping 
some folks get wireless coverage everyplace they wanted it by moving 
their AP around inside their house (bad AP location: bad coverage with 
lots of dead spots; good AP location yields minimal dead spots but 
probably accessible to "others").

I ran into this same effect at my last employer where some of the sales 
engineers had set up a rogue AP.  The steel frame of the office meant 
that the AP was only accessible from certain locations on the floor we 
occupied (e.g., not at all when the elevators were between the AP and 
the person attempting to connect).  I also vaguely remember reading an 
article on suggestions for EM hardening to take advantage of this for 
securing wireless.  I put my experience with the neighbor's wireless 
together with the strategy described in the article on EM hardening and 
came up with putting my AP in my basement should make the signal fairly 
unusable off of my property.

The radio signal used by wireless does a good job of penetrating wood, 
drywall and most home building materials (no multipath involved).  It 
doesn't do as well with steel, wiring or *enough* earth.  This is 
especially true when the steel forms a "cage" as is the case of rebar in 
a poured foundation.

Cheers,
Dave

-- 
Politics, n. Strife of interests masquerading as a contest of principles.
-- Ambrose Bierce

More information about the fedora-list mailing list