nanog mailing list archives
Re: Drive-by spam hits wireless LANs
From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Wed, 11 Sep 2002 19:50:19 +0200 (CEST)
On Wed, 11 Sep 2002, Jared Mauch wrote:
There are a lot of things one can do:
1) enable wep 2) rotate wep keys 3) authenticate by mac-address 4) restrict dhcp to known mac-addresses 5) force utilization of vpn/ipsec client
Suddenly laying down UTP doesn't seem so bad anymore...
Obviously not all of these solutions are available in all cases, but in a home or small lan-environment a subset of these will increase security (even if it's reinforcing the screen door with 1/16" of balsa wood)
You can forget rotating WEP keys on anything that isn't four times as expensive as what most people have at home. Authentication by MAC address doesn't buy you anything since someone else can "borrow" the MAC address. Does anyone have experience with using asymmetric WEP keys? (= key 1 for AP -> client and key 2 for client -> AP.) I'm thinking about doing this so I can at least obscure my upstream traffic even if the downstream WEP key is public knowledge. Obviously this isn't anything near safe, but this way I'd risk the inconvenience of someone stealing my HTTP cookies or passwords and messing up my settings for some non-essential web services. (Anything even remotely sensitive will run over SSH or SSL of course.)
Current thread:
- Drive-by spam hits wireless LANs blitz (Sep 10)
- Re: Drive-by spam hits wireless LANs Joel Jaeggli (Sep 10)
- Re: Drive-by spam hits wireless LANs John Angelmo (Sep 11)
- Re: Drive-by spam hits wireless LANs Neil J. McRae (Sep 11)
- Re: Drive-by spam hits wireless LANs John Angelmo (Sep 11)
- Re: Drive-by spam hits wireless LANs Neil J. McRae (Sep 11)
- Re: Drive-by spam hits wireless LANs John Angelmo (Sep 11)
- Re: Drive-by spam hits wireless LANs Jared Mauch (Sep 11)
- Re: Drive-by spam hits wireless LANs John Angelmo (Sep 11)
- Re: Drive-by spam hits wireless LANs Jared Mauch (Sep 11)
- Re: Drive-by spam hits wireless LANs Iljitsch van Beijnum (Sep 11)
- Re: Drive-by spam hits wireless LANs David Lesher (Sep 11)
- Re: Drive-by spam hits wireless LANs Niels Bakker (Sep 11)
- Re: Drive-by spam hits wireless LANs Neil J. McRae (Sep 11)
- Re: Drive-by spam hits wireless LANs Stephen Stuart (Sep 11)
- RE: Drive-by spam hits wireless LANs Al Rowland (Sep 11)
- Re: Drive-by spam hits wireless LANs Jared Mauch (Sep 11)
- RE: Drive-by spam hits wireless LANs Al Rowland (Sep 11)
- Re: Drive-by spam hits wireless LANs Niels Bakker (Sep 11)
- Re: Drive-by spam hits wireless LANs blitz (Sep 11)
- RE: Drive-by spam hits wireless LANs Al Rowland (Sep 11)
- <Possible follow-ups>
- Re: Drive-by spam hits wireless LANs Michael . Dillon (Sep 11)