Security Basics mailing list archives

RE: WiFi security implications

From: "Oliver Rebollido" <ORebollido () fenwick com>
Date: Tue, 9 Dec 2003 07:54:02 -0800


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

When you mentioned "Remove the beacon, or minimize it", what did you
mean by "minimize it"?  The only options I've been able to do with
the beacon on a Cisco 1200AP is either off or on.  When I had the
beacon off, some users on WinXP complained they couldn't get on
because WinXP couldn't find the AP.  WinXP didn't give them the
options of putting in their own SSID and WEP key.

Thanks,
Oliver

- -----Original Message-----
From: Security Newsletters-TM
[mailto:SecurityNewsletters.tm () telus com]
Sent: Monday, December 08, 2003 10:26 AM
To: security-basics () securityfocus com
Subject: RE: WiFi security implications

It really doesn't matter. 

I've been watching this thread for a while.  Here are my comments to
the original question.

1) IPsec over 802.11 is great, and depending on the IPSec algorythms
and key sizes used, almost completely unbreakable except for private
millionairs and government agencies.

2) Want even more security, lock down the 802.11 AP.  I suspect
you're not using a Cisco one, so in that case make sure you do the
following

        i) Enable the highest WEP key possible
        ii) Change the SSID from default to something crazy that anyone
walking by your office with a PDA won't lock onto by accident like
"123fjdksfj2342" .
        iii) Use a different channel than the default.
        iv) Remove the beacon, or minimize it.
        v) lock down or filter the Mac address of your laptop.

3) As an alternative, you may wish to move away from the 802.11B
spectrum as plenty of kiddies have these 70 dollar cards (CDN).

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBP9XwFeUdUP8zGqYzEQLMhwCg05fv1PheF6/+V6xWRb+v8ISqZdYAniJm
NyQG1nZkKqgdW2UvRCurPKRe
=GrCz
-----END PGP SIGNATURE-----

ATTENTION
The information contained in this message may be legally privileged
and confidential.  It is intended to be read only by the individual
or entity to whom it is addressed or by their designee. If the reader
of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited.
If you have received this message in error, please immediately notify
the sender and/or Fenwick & West LLP by telephone at (650) 988-8500
and delete or destroy any copy of this message.

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

RE: WiFi security implications, (continued)
- - - RE: WiFi security implications Tres London (Dec 05)
- RE: WiFi security implications David Gillett (Dec 05)
- RE: WiFi security implications David J. Jackson (Dec 04)
- Re: WiFi security implications Tres London (Dec 05)
- RE: WiFi security implications Tres London (Dec 05)
- RE: WiFi security implications Tres London (Dec 05)
- RE: WiFi security implications Tres London (Dec 05)
  - RE: WiFi security implications James Tusini (Dec 15)
- Re: WiFi security implications Ronish Mehta (Dec 08)
- RE: WiFi security implications Security Newsletters-TM (Dec 08)
- RE: WiFi security implications Oliver Rebollido (Dec 09)
  - RE: WiFi security implications dave kleiman (Dec 10)
- RE: WiFi security implications Steven A. Fletcher (Dec 09)