Security Basics mailing list archives
Re: wifi security
From: "simon (www.snosoft.com)" <simon () snosoft com>
Date: Mon, 08 Sep 2003 16:32:45 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In response to Dave Killion: "Just the same, IPSec over WiFi is just as secure as IPSec over copper or fiber. And it's good enough for banks to use. It all comes down to managing risk. Good encryption can be useful." Dave, with all due respect you are wrong...Fact is when you send data out over the air via any method the signal will be stronger than it would be out of a cat5 (I figured that this would be obvious). When using cat5 it is simply not easy to collect radio waves and turn them into anything useful.
Having said that it is correct to say that copper is more secure than air, and fibre is more secure than copper assuming that all is equal in the data going over the line.
What are the chances of someone recording your radio waves from cat5 v.s the chances of someone recording data from 802.11x?
Also, don't use banks as an example of security, IMHO they are not secure enough. What is good enough for a bank network is far from good enough for mine. It is not that their administrators are idiots, because they are not idiots, they just don't have the time to do what the hackers of today have the time to do.
Mark Medici wrote:
Actually, the most secure networks are required to run fiber-optic inside of pressurized conduit with full-time monitoring against physical intrusion. This is because even fibre-optic can tapped without breaking the optical conductor if you have sufficient knowledge, skill andpatience, plus a few specialized tools.Of course, this is probably too extreme for most private enterprises.-----Original Message-----From: Dave Killion [mailto:Dkillion () netscreen com] Sent: Wednesday, August 27, 2003 12:38 PMTo: 'simon () snosoft com'; D'Amato Luigi Cc: lists () kentane net; security-basics () lists securityfocus com Subject: RE: wifi security Simon,Even copper can create interceptible radio waves if one is in close enough proximity to the cable. Which is why for Top Secret data networks the DoD uses fiber.Yes, there are fiber taps and what not, but copper can be intercepted non-invasively.Just the same, IPSec over WiFi is just as secure as IPSec over copper or fiber. And it's good enough for banks to use. It all comes down to managing risk. Good encryption can be useful.-Dave -----Original Message----- From: -SIMON- [mailto:simon () snosoft com] Sent: Tuesday, August 26, 2003 12:32 PM To: D'Amato Luigi Cc: lists () kentane net; security-basics () lists securityfocus com Subject: Re: wifi security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Actually,What I would suggest for wireless security is simply not sending your sensitive data out over the air. Encrypted or not, you are still sending it out for everyone and anyone to snag. If you are relying on the encryption for good security, well, you are simply assuming that no one else has the key, or a way to crack it.Sensitive data == copper. other can == air. D'Amato Luigi wrote:try www.securitywireless.info--------------------------------------------------------------------------- ---------------------------------------------------------------------------- - -- - -simon- http://www.snosoft.com Tibetan "Book of the Dead," ca. 4000 BC. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/S7W8f3Elv1PhzXgRAjCmAJ9+azc5YkhbGsK4aD747k2tvVAdgwCgi3zr GExD5j5nKjrulQ0KA0ivToI= =gIuf -----END PGP SIGNATURE----- -------------------------------------------------------------- ------------ -Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com-------------------------------------------------------------- ------------ --
- -- Regards,
-simon- Secure Network Operations, Inc. http://www.secnetops.com || http://www.snosoft.com Office: 978-263-3829 Fax: 978-263-0033 ------------------------------------------------------- "Embracing the future of technology, protecting you..." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/XOdtf3Elv1PhzXgRAnkpAKDDv72oMwNoJg8jbJLe9MKsFQ14DwCfZXy/ ykgRKov20p1srgQe/AK+dSg= =1cKn -----END PGP SIGNATURE----- ---------------------------------------------------------------------------Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------
Current thread:
- RE: wifi security Mark Medici (Sep 02)
- Re: wifi security simon (www.snosoft.com) (Sep 08)
- <Possible follow-ups>
- RE: wifi security Dave Killion (Sep 08)
- Re: wifi security simon (www.snosoft.com) (Sep 08)