RE: wifi security

["Mark Medici" <mark () dbma com>]

Actually, the most secure networks are required to run fiber-optic inside
of pressurized conduit with full-time monitoring against physical
intrusion.  This is because even fibre-optic can  tapped without breaking
the optical conductor if you have sufficient knowledge, skill and
patience, plus a few specialized tools.  

Of course, this is probably too extreme for most private enterprises.


> -----Original Message-----
> From: Dave Killion [mailto:Dkillion () netscreen com] 
> Sent: Wednesday, August 27, 2003 12:38 PM
> To: 'simon () snosoft com'; D'Amato Luigi
> Cc: lists () kentane net; security-basics () lists securityfocus com
> Subject: RE: wifi security
>
>
> Simon,
>
> Even copper can create interceptible radio waves if one is in 
> close enough proximity to the cable.  Which is why for Top 
> Secret data networks the DoD uses fiber.
>
> Yes, there are fiber taps and what not, but copper can be 
> intercepted non-invasively.
>
> Just the same, IPSec over WiFi is just as secure as IPSec 
> over copper or fiber.  And it's good enough for banks to use. 
>  It all comes down to managing risk.  Good encryption can be useful.
>
> -Dave
>
> -----Original Message-----
> From: -SIMON- [mailto:simon () snosoft com]
> Sent: Tuesday, August 26, 2003 12:32 PM
> To: D'Amato Luigi
> Cc: lists () kentane net; security-basics () lists securityfocus com
> Subject: Re: wifi security
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Actually,
>       What I would suggest for wireless security is simply 
> not sending your sensitive data out over the air.  Encrypted 
> or not, you are still sending it out for everyone and anyone 
> to snag. If you are relying on the encryption for good 
> security, well, you are simply assuming that no one else has 
> the key, or a way to crack it.
>
> Sensitive data == copper.
> other can == air.
>
> D'Amato Luigi wrote:
> > try
> > www.securitywireless.info
> ----------------------------------------------------------------------
> > --
> ---
> >
> ----------------------------------------------------------------------
> > --
> ----
> >
>
>
> - --
>
> - -simon-
>       http://www.snosoft.com
>       Tibetan "Book of the Dead," ca. 4000 BC.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQE/S7W8f3Elv1PhzXgRAjCmAJ9+azc5YkhbGsK4aD747k2tvVAdgwCgi3zr
> GExD5j5nKjrulQ0KA0ivToI=
> =gIuf
> -----END PGP SIGNATURE-----
>
>
> --------------------------------------------------------------
> ------------
> -
> Attend Black Hat Briefings & Training Federal, September 
> 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, 
> VA; the world's premier technical IT security event.  Modeled 
> after the famous Black Hat event in Las Vegas! 6 tracks, 12 
> training sessions, top speakers and sponsors. Symantec is the 
> Diamond sponsor.  Early-bird registration ends September 
> 6.Visit us: www.blackhat.com
> --------------------------------------------------------------
> ------------
> --

Attachment: smime.p7s
Description: