Hide your wireless network in plain sight

Imagine that wardrivers are casing your neighborhood. You've suppressed your SSID, you have WEP enabled and you've placed your wireless access point in a DMZ. You limit access to your wireless network by MAC address, block all most all traffic from the DMZ and require all your wireless clients to log into the real network via VPN in order to do anything. Sounds pretty good so far. The fact is that a hacker parked in your neighbor's driveway can still cause problems. How about making his life a little more difficult. What if when he turns on NetStumbler he sees 53,000 access points? Where would he start to look for yours? Enter Black Alchemy's Fake AP. FakeAP makes your Linux or *BSD machine look like thousands of wireless access points by broadcasting thousands of counterfeit beacon frames. This alone won't solve your wireless security issues but combined with the ideas mentioned above it might serve to confuse any miscreants looking to cause trouble. At least you won't be a soft target. References

Running Filemaker Server 5.5/6.0 on SuSE 9.3

I have recently configured Filemaker Server v5.5/6.0 to run on SuSE 9.3 using the techniques outlined in the How To "HowTo run Filemaker Server 5.5 on Redhat Linux 7.3, Redhat Linux 9.0 and Redhat Fedora Core 1" authored by Christof Baumgärtner. The key ends up being the compat-glibc-6.2- (glib 2.1 compatibility) libraries. Filemaker Server on Linux is a good alternative to server proliferation. Now I can consoludate Filemaker services onto our existing Linux infrastructure without having to buy yet anoth

Does MasterCard's SecureCode Protect Cardholders or Merchants?

The basic idea behind MasterCard's SecureCode program is that a cardholder can attach a personal message and a password (the SecureCode) to their credit card. When the cardholder attempts to make a purchase using the card at a merchant that supports SecureCode the payment processor--not the merchant--presents their personal message and asks them to enter their SecureCode. After authenticating the SecureCode the payment processor completes the transaction and the cardholder goes on their merry way. If authentication fails the charge is declined and the transaction is cancelled. Bottom line, SecureCode is a way for the card processor to authenticate the cardholder.

Misplaced Trust or Lack of Education?

The headline reads, "Professor charged with stealing students' IDs." At first glance this appears to be a case of misplaced trust. The professor asks his students to sign into his class by signing their name and placing their social security numbers on the sign-in sheet. The professor then uses the information to open up a bunch of department store credit cards. I submit that this incident happened because students don't know what their social security number is supposed to be used for and the federal government has not done enough to discourage the use of the SSN for non-social security matters.

This whole thing raises some questions. Does the organization--the community college in this case--even know what the SSN is supposed to be used for? What is the student to think? How does the student know whether it's safe to provide the information or not? What could the students have been told in advance that would have prevented this situation? Who should have told them; the college, their high school, their parents, the governemt, who? What is the SSN supposed to be used for anyway?