[CentOS] CentOS4, KDE3.3 and 128 WEP

Tue May 24 10:27:09 UTC 2005
Ryan <ryanag at zoominternet.net>

is the link/power light on your pcmcia card on when you plug it in, or 
is it stay off?

John Logsdon wrote:
> Ryan and list
> 
> pcmcia set 0,1,6 off and 2,3,4,5 on.  
> 
> If I try to restart pcmcia, it obviously complains that pcmcia_core is
> used by i82365,pcnet_cs,ds as I have another network card plugged in at
> the moment so I can use the machine (the Tosh Portege 3490CT's other
> network interface requires plugging the big dongle thing in so I use a
> card).
> 
> And while using the standard CentOS update solved the gpg problem, 
> 
> yum upgrade kde (for example) gave an error:
> 
> Traceback (most recent call last):
>   File "/usr/bin/yum", line 7, in ?
>     yummain.main(sys.argv[1:])
>   File "/usr/share/yum-cli/yummain.py", line 34, in main
>     locale.setlocale(locale.LC_ALL, '')
>   File "/usr/lib/python2.3/locale.py", line 381, in setlocale
>     return _setlocale(category, locale)
> locale.Error: unsupported locale setting
> 
> which may be entirely unconnected but is an error in the same area as the
> strace indicated for the wireless card.  I can post the strace if needed
> but it is quite long.
> 
> TIA
> 
> John
> 
> John Logsdon                               "Try to make things as simple
> Quantex Research Ltd, Manchester UK         as possible but not simpler"
> j.logsdon at quantex-research.com              a.einstein at relativity.org
> +44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
> 
> 
> On Mon, 23 May 2005, Ryan wrote:
> 
> 
>>Does chkconfig have pcmcia in it? If so, what is it set to?
>>
>>John Logsdon wrote:
>>
>>>That seems a bit better so I can add the 128 bit WEP code.  But for some
>>>reason I still can't activate it.  I get:
>>>
>>>SIOCSIFFLAGS: Resource temporarily unavailable
>>>
>>>which does not point too far.
>>>
>>>I have checked that the atmel_cs module is installed (the card is a Belkin
>>>F5D6020 rev 2).
>>>
>>>I have tried an strace and it seems to be looking for a file libc.mo in
>>>/usr/share/locale/[en.UTF-8|en.utf8|en]/LC_MESSAGES but there is one in
>>>/usr/share/local/en_GB/LC_MESSAGES and pretty nearly every other locale
>>>which are all in glibc-common.  
>>>
>>>I guess this is because I switched from en_US to en_GB when I installed -
>>>ie I unchecked US English.  I don't seem to recall having this problem 
>>>with other machines although this is the first one that I have tried
>>>to use wireless with...
>>>
>>>I tried changing LANG to be en and I get the same result although the
>>>strace now fails rather earlier.
>>>
>>>So it seems at least that I should reinstall en=en_US but I am not
>>>convinced that this will solve the problem. And where is it anyway?  I
>>>can't see it in any of the CentOS4 rpms - I have been through all 1404 of
>>>them.  It seems to be installed from somewhere when you set up CentOS4.  
>>>Surely I don't have to reinstall?
>>>
>>>Clues?
>>>
>>>TIA
>>>
>>>John
>>>John Logsdon                               "Try to make things as simple
>>>Quantex Research Ltd, Manchester UK         as possible but not simpler"
>>>j.logsdon at quantex-research.com              a.einstein at relativity.org
>>>+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
>>>
>>>
>>>On Mon, 23 May 2005, ryan wrote:
>>>
>>>
>>>
>>>>system-config-network from the commandline brings up a GUI that you can
>>>>enter in the WEP key for. You do not need to upgrade to KDE 3.4 for this.
>>>>
>>>>
>>>>
>>>>>What do people recommend?
>>>>
>>>>My recommendation is to use a different included GUI tool than kwifi
>>>>(system-config-network). Instructions are here:
>>>>http://www.centos.org/docs/4/html/rhel-sag-en-4/s1-network-config-wireless.html
>>>>
>>>>You can also edit /etc/sysconfig/network-scripts/ifcfg-eth0 (or whatever
>>>>your LAN card is) directly, but if you have never done this before, I'd say
>>>>use the GUI.
>>>>
>>>>
>>>>----- Original Message ----- 
>>>>From: "John Logsdon" <j.logsdon at quantex-research.com>
>>>>To: "CentOS mailing list" <centos at centos.org>
>>>>Sent: Monday, May 23, 2005 4:25 AM
>>>>Subject: Re: [CentOS] CentOS4, KDE3.3 and 128 WEP
>>>>
>>>>
>>>>
>>>>
>>>>>Folks
>>>>>
>>>>>My concern is not so much just how good or bad WEP is - and I agree that
>>>>>it is much better to use ssh or a vpn tunnel.  Until 802.11i is fully
>>>>>implemented, standard wireless is always going to be very easy to hack by
>>>>>a sniffing geekster.
>>>>>
>>>>>The problem is that there are quite a lot other machines on the network
>>>>>that have been configured with WEP128.  I don't use DHCP and I have MAC
>>>>>filtering enabled so that is some protection.  Unconfiguring all those
>>>>>machines will be a pain and as some of them are WinDroze XPoor, almost
>>>>>certainly to fall over.
>>>>>
>>>>>OK - maybe the solution is to upgrade to KDE3.4.  There are comments about
>>>>>128 WEP in the 3.4 kdenetwork package.  And is KDE3.4 already stable
>>>>>enough to be included?  What do people recommend?  Has anyone upgraded to
>>>>>3.4?
>>>>>
>>>>>Another issue is where is the gpg public key repository for CentOS4?
>>>>>
>>>>>So my problem remains.  At the moment I am using a regular wired
>>>>>connection but that means that the garden is out of bounds and it is nice
>>>>>and sunny today here in Manchester ... :-)
>>>>>
>>>>>Best wishes
>>>>>
>>>>>John
>>>>>
>>>>>John Logsdon                               "Try to make things as simple
>>>>>Quantex Research Ltd, Manchester UK         as possible but not simpler"
>>>>>j.logsdon at quantex-research.com              a.einstein at relativity.org
>>>>>+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
>>>>>
>>>>>
>>>>>On Sun, 22 May 2005, Ryan wrote:
>>>>>
>>>>>
>>>>>
>>>>>>I disagree with this assessment.
>>>>>>
>>>>>>WPA-PSK is not much more secure than 128-bit WEP, since its passphrases
>>>>>>vulnerable to common dictionary attacks.  Worse, linux has poor WPA
>>>>>>support - not every wifi card supported by linux has WPA support.
>>>>>>
>>>>>>Also, many non-computer devices (wireless webcams, etc) only have WEP as
>>>>>>an option.
>>>>>>
>>>>>>Use system-config-network , not kwifi, and you should be able to use WEP
>>>>>>with no problem. Also, consider turning OFF DHCP, turning the AP off
>>>>>>when you aren't using it, and enabling MAC filtering.
>>>>>>
>>>>>>If you are really concerned about security, consider using an SSH or VPN
>>>>>>tunnel to encrypt data between laptops and a wired router/server.
>>>>>>
>>>>>>For some information on WPA-PSK weaknesses:
>>>>>>http://wifinetnews.com/archives/002452.html
>>>>>>
>>>>>>
>>>>>>system-config-network requires you enter in "0x" bbefore the key.
>>>>>>
>>>>>>
>>>>>>Maciej Zenczykowski wrote:
>>>>>>
>>>>>>
>>>>>>>You can skip wep128 or wep64 or any other wep for that matter,
>>>>>>>currently a standard notebook with a supported wireless card running
>>>>
>>>>linux
>>>>
>>>>
>>>>>>>can passively break through wep64/wep128 encryption within 10-30
>>>>>>>minutes, switching to active mode can break through the encryption
>>>>>>>within 3-5 minutes.  Simply put, encryption of the WEP kind is no
>>>>
>>>>longer
>>>>
>>>>
>>>>>>>worth the bother.
>>>>>>>
>>>>>>>Just look around on google, he's a quote I found:
>>>>>>>
>>>>>>>Department: Here's a demo of the FBI, using commonly available and
>>>>
>>>>openly
>>>>
>>>>
>>>>>>>documented hardware & software to crack WEP 128-bit security in three
>>>>>>>minutes.
>>>>>>>
>>>>>>>http://www.tomsnetworking.com/Sections-article111-page1.php
>>>>>>>
>>>>>>>The needed utilites can be freely downloaded of the internet.
>>>>>>>
>>>>>>>Cheers,
>>>>>>>MaZe.
>>>>>>>
>>>>>>>On Sun, 22 May 2005, John Logsdon wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>CentOS4 standard installation.
>>>>>>>>
>>>>>>>>I see that KwifiManager doesn't support 128 bit WEP which I need for
>>>>>>>>other
>>>>>>>>machines on the network, which is a bit of a blow - and rather
>>>>
>>>>surprising
>>>>
>>>>
>>>>>>>>really as security should be quite a consideration on an enterprise
>>>>
>>>>level
>>>>
>>>>
>>>>>>>>system (NB RH!).
>>>>>>>>
>>>>>>>>Is there a workaround?  An alternative way of configuring my Belkin
>>>>>>>>F5D6020 ver 2 card?  eg a cvs download that I can get and copy via a
>>>>>>>>stick?  Or how to do it manually?  I have tried regressing kdenetwork
>>>>
>>>>but
>>>>
>>>>
>>>>>>>>that doesn't include kwifimanager at all.
>>>>>>>>
>>>>>>>>Ideas?
>>>>>>>>
>>>>>>>>TIA
>>>>>>>>
>>>>>>>>John
>>>>>>>>
>>>>>>>>John Logsdon                               "Try to make things as
>>>>
>>>>simple
>>>>
>>>>
>>>>>>>>Quantex Research Ltd, Manchester UK         as possible but not
>>>>
>>>>simpler"
>>>>
>>>>
>>>>>>>>j.logsdon at quantex-research.com              a.einstein at relativity.org
>>>>>>>>+44(0)161 445 4951/G:+44(0)7717758675       www.quantex-research.com
>>>>>>>>
>>>>>>>>
>>>>>>>>_______________________________________________
>>>>>>>>CentOS mailing list
>>>>>>>>CentOS at centos.org
>>>>>>>>http://lists.centos.org/mailman/listinfo/centos
>>>>>>>>
>>>>>>>
>>>>>>>_______________________________________________
>>>>>>>CentOS mailing list
>>>>>>>CentOS at centos.org
>>>>>>>http://lists.centos.org/mailman/listinfo/centos
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>_______________________________________________
>>>>>>CentOS mailing list
>>>>>>CentOS at centos.org
>>>>>>http://lists.centos.org/mailman/listinfo/centos
>>>>>>
>>>>>
>>>>>_______________________________________________
>>>>>CentOS mailing list
>>>>>CentOS at centos.org
>>>>>http://lists.centos.org/mailman/listinfo/centos
>>>>>
>>>>
>>>>_______________________________________________
>>>>CentOS mailing list
>>>>CentOS at centos.org
>>>>http://lists.centos.org/mailman/listinfo/centos
>>>>
>>>
>>>
>>>
>>>_______________________________________________
>>>CentOS mailing list
>>>CentOS at centos.org
>>>http://lists.centos.org/mailman/listinfo/centos
>>>
>>>
>>
>>_______________________________________________
>>CentOS mailing list
>>CentOS at centos.org
>>http://lists.centos.org/mailman/listinfo/centos
>>
> 
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 
>