Security Basics mailing list archives

RE: wifi security

From: Jason Armstrong <jarmstrong () technicacorp com>
Date: Thu, 14 Aug 2003 14:19:06 -0400


Personally, here's how I would secure a Wireless Access Point (and the
network behind it for that matter.)





                           \./
        \./                 |      Public
Private
         |                  |       Side
Side
         |             _____|____             _________________________
_________           
    _____|_____        |        |             |                       |
|
    |         |        | Access |             |         VPN           |
|
    |Remote   |        |  Point |             |      Appliance        |
|_____   LAN
    | Laptop  |        |        |_____________|(e.g. Nortel
Contivity)|_________________|
    |_________|        |________|.1         .2|_______________________|.1
|
   /         /
|________
  /_________/                   192.168.10.0/24
192.168.20.0/24 |
 
|       
 
|_______


The Nortel Contivity is a VPN firewall solution. I'm using it as an example
because they are relatively cheap (See eBay) and I often work with them.
They support RADIUS authentication and Triple DES encryption. The Nortel
Contivity client is available for FREE. It is easy to install. You connect
to the access point, run the client, the Contivity authenticates you and you
have access to the LAN for fileserver access, Internet access, etc. Simple
and secure.

Good luck,
Jason



-----Original Message-----
From: K sPecial [mailto:xzziroz () linuxmail org] 
Sent: Thursday, August 14, 2003 7:35 AM
To: Simon; lists () kentane net; security-basics () lists securityfocus com
Subject: RE: wifi security


Is it just me or do some people ask the same question, over, over and over.
Now let me tell you I'm 16, i'm a networker, I program c, I program perl,
and I even darn live on my own and pay my own bills. You older networking
people (my future) can realy give me one heck of a grin. But I guess that's
why I read bugtrack, incidents and secureshell all day :) As for WiFi
security I have seen a few emails pass already on the subject of DHCP
pooling amungst you'r host's depending on FTP/POP passwords, this is one
option. You also have the ability to filter mac address's in your networking
down to a fine point of only... go figure your hosts! :) Ok, last but not
least I want to say ipsec would be a great option but can't guarentee it
since I have never, personaly had the satisfaction of using this. Reguards,
--K-sPecial

Sorry if I seem to come off as a cocky teen but shit i'm serious here.

----- Original Message -----
From: "Simon" <simon () snosoft com>
Date: Wed, 13 Aug 2003 15:08:25 -0400
To: <lists () kentane net>, <security-basics () lists securityfocus com>
Subject: RE: wifi security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

JC, 
      The first question that I have to ask you is what are your security 
requirements?  Whats the nature of the information on the target 
network? There are many ways to secure wireless networks, but there is 
a point where they are just not suggested.



- -----Original Message-----
From: lists () kentane net [mailto:lists () kentane net]
Sent: Wednesday, August 13, 2003 3:21 AM
To: security-basics () lists securityfocus com
Subject: wifi security


Greetings list,

I am looking for some information on WiFi security. Specifically how 
to secure wifi hotspot types of enviromments. How to authenticate 
users etc.

Regards
JC


- 
----------------------------------------------------------------------
- -----
- ----------------------------------------------------------------------
- ------

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPzqMqbR5YB3MHZrzEQJzNACffSNzDxKp0BujT52mcb2ubIykOhsAoIgk
oW7dfkmgEvfkFYUoF/lnnhyc
=Lghd
-----END PGP SIGNATURE-----


----------------------------------------------------------------------
-----

----------------------------------------------------------------------------


-- 
______________________________________________
http://www.linuxmail.org/
Now with e-mail forwarding for only US$5.95/yr

Powered by Outblaze

---------------------------------------------------------------------------
----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

RE: wifi security, (continued)
- RE: wifi security Mark Harris (Aug 13)
- RE: wifi security Simon (Aug 13)
- Re: wifi security Incist (Aug 13)
- Re: wifi security bcl (Aug 15)
- Re: wifi security Tomas Wolf (Aug 14)
  - Re: wifi security D'Amato Luigi (Aug 15)
    - Re: wifi security -SIMON- (Aug 27)
    - generalized (was: Re: wifi security Meritt James (Aug 27)
    - Re: generalized (was: Re: wifi security J. Bilder (Aug 27)
- RE: wifi security K sPecial (Aug 14)
- RE: wifi security Jason Armstrong (Aug 14)
- RE: wifi security Dave Killion (Aug 27)