Security Basics mailing list archives

RE: Is Dynamic WEP Secure Enough?

From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 22 Mar 2005 09:17:28 -0800

  It depends on your requirement.  If you're looking at
it from the perspective of protecting your data from (a)
determined intruders and (b) insiders who already have WEP 
access, then obviously not -- running IPSEC over your WLAN
is a better way to meet that requirement.
  But it does make a useful tripwire.  Nobody breaks WEP
by accident, and anyone who does break onto a WLAN running
WEP cannot believably claim not to have known that their
access was unauthorized.
  If your provide multiple SSIDs, some with WEP and some 
without, people who just want guest access to the Internet 
will use the non-WEP and leave the WEP alone.

  There is no "secure enough".  There is only "satisfies
requirements X, Y, Z" -- or doesn't.

David Gillett

Current thread:

Is Dynamic WEP Secure Enough? Jon Smith (Mar 21)
- Re: Is Dynamic WEP Secure Enough? John Pettitt (Mar 21)
- Re: Is Dynamic WEP Secure Enough? Vladamir (Mar 21)
- Re: Is Dynamic WEP Secure Enough? Kelly Martin (Mar 21)
  - Re: Is Dynamic WEP Secure Enough? Vladamir (Mar 22)
- RE: Is Dynamic WEP Secure Enough? David Gillett (Mar 22)
- Re: Is Dynamic WEP Secure Enough? Steve (Mar 22)
- <Possible follow-ups>
- Re: Is Dynamic WEP Secure Enough? Jon Smith (Mar 22)
- Re: Is Dynamic WEP Secure Enough? shankarnarayan.d (Mar 23)
  - Re: Is Dynamic WEP Secure Enough? John Pettitt (Mar 23)
  - Re: Is Dynamic WEP Secure Enough? Vladamir (Mar 23)
    - Re: Is Dynamic WEP Secure Enough? Kinnell (Mar 28)