Security Basics mailing list archives
RE: wireless security question.
From: Marc Suttle <marc.suttle () anidirect com>
Date: Thu, 20 Feb 2003 12:01:53 -0600
Something like a BlueSocket device may be helpfull in this kind of situation. Please take a look at www.bluesocket.com. M -----Original Message----- From: Keith T. Morgan [mailto:keith.morgan () terradon com] Sent: Wednesday, February 19, 2003 12:28 PM To: paul van den bergen; security-basics () securityfocus com Subject: RE: wireless security question.
1) Folks who rely on other security measures - IPsec being the most obvious
IPSEC is good.
5) 128 bit WEP on as deterent. is it worth the effort - low security requirements. somewhat 404 (see 3), but not too bad if you know what you are doing.
I say layer your security. Enjoy the attacker's dissapointment when he FINALLY cracks that key, and all he can see is ESP and ISAKMP key exchanges. WEP+IPSEC is good stuff.
In the case of 1) how would one stop external users using the APs as private network bridges?
MAC address locking may help here. Though, it's a fairly trivial layer of security, as you can usually reset your mac address to one that's authorized. Though the damage associated with an attacker using your WAP as a network bridge, or for thier own personal use between two or more nodes is far less severe than having them punch a hole into the soft chewy center of things.
In the case of 6) how does one distribute the WEP keys at each update?
Don't have an answer here. AFAIK, that still has to be done manually. Coaching a normal user through WEP key changes on a regular basis sounds like a nightmare in a large network. Ugh. Any WiFi vendors listening? Key exchange daemons in the works anywhere? **************************************************************************** ********************** The contents of this email and any attachments are confidential. It is intended for the named recipient(s) only. If you have received this email in error please notify the system manager or the sender immediately and do not disclose the contents to anyone or make copies. **************************************************************************** **********************
Current thread:
- wireless security question. paul van den bergen (Feb 19)
- RE: wireless security question. Tim V - DZ (Feb 20)
- Re: wireless security question. Paul Cardon (Feb 20)
- Re: wireless security question. Luigi Grandini (Feb 20)
- <Possible follow-ups>
- RE: wireless security question. Keith T. Morgan (Feb 20)
- RE: wireless security question. Marc Suttle (Feb 20)
- RE: wireless security question. MacFerrin, Ken (Feb 20)