Security Basics mailing list archives
Re: Is Dynamic WEP Secure Enough?
From: "Steve" <securityfocus () delahunty com>
Date: Mon, 21 Mar 2005 20:30:03 -0500
I second what John Pettitt noted: "Suggestion: forget WEP - get a good ipsec based vpn system, put the access points on a DMZ lan and require use of the VPN client to get access to anything other than a "help page" web server." I would still use WEP though, would keep some folks off this wireless network you create. So segment your wireless network outside of your corporate network. The wireless network provides your users just with access to your Citrix farm (if one exists) or VPN server. The wireless clients have to run your VPN client to fully get into the network. Somebody that takes the time to gather enough packets from your network to crack your WEP (before it changes) will only get access to the same boxes you make publicly available anyway, your VPN and/or thin client systems (Citrix). STEVE ----- Original Message ----- From: "Jon Smith" <like2hax () hotmail com> To: <security-basics () securityfocus com> Sent: Saturday, March 19, 2005 3:27 PM Subject: Is Dynamic WEP Secure Enough? Hi I am responsible for a large wireless infrastructure upgrade. Right now my plan is use PEAP w MSCHAP v2 with dynamic WEP crypto for my corporate SSID (I have others with much lower security requirements). I cannot easily go to WPA without ditching all my current devices that do not support it (good luck getting that past the CFO). We have a lot of physical security and surveillance with very tight controls, my primary area of concern would be people like myself sitting in the parking lot. Due to one of our applications, we will be sending a clear strong signal to the parking lot. Is this enough security and encryption to significantly slow intrusion attempts? Between direction finding capabilities of the Access Points and our roaming guards it would be a matter of time before we detected them. Thanks Rocko _________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Current thread:
- Is Dynamic WEP Secure Enough? Jon Smith (Mar 21)
- Re: Is Dynamic WEP Secure Enough? John Pettitt (Mar 21)
- Re: Is Dynamic WEP Secure Enough? Vladamir (Mar 21)
- Re: Is Dynamic WEP Secure Enough? Kelly Martin (Mar 21)
- Re: Is Dynamic WEP Secure Enough? Vladamir (Mar 22)
- RE: Is Dynamic WEP Secure Enough? David Gillett (Mar 22)
- Re: Is Dynamic WEP Secure Enough? Steve (Mar 22)
- <Possible follow-ups>
- Re: Is Dynamic WEP Secure Enough? Jon Smith (Mar 22)
- Re: Is Dynamic WEP Secure Enough? shankarnarayan.d (Mar 23)
- Re: Is Dynamic WEP Secure Enough? John Pettitt (Mar 23)
- Re: Is Dynamic WEP Secure Enough? Vladamir (Mar 23)
- Re: Is Dynamic WEP Secure Enough? Kinnell (Mar 28)