RE: Dumb question abt. Wireless WEP security

["Bruyere, Michel" <mbruyere () ezemcanada com>]

<SNIP>
> customer (SMB/SOHO) locations we used normal WiFi gear. We used MAC
> control, disabled the broadcasting of the SSID and enabled WEP and that
> was a good 'secure by default' solution. The attacker would need to
> guess the SSID, 
<SNIP>

This is not the best way to go, as for the SSID hiding. Someone posted a
paper on this fact at the following link that resumes well why it is not a
good thing to disable it. In short, disabling the broadcast just ends up
adding the SSID to more packets "in transit".
 
Here is the link for the paper 
http://www.icsalabs.com/html/communities/WLAN/wp_ssid_hiding.pdf

And while talking about Mac, this should be a nice reading
http://home.jwu.edu/jwright/papers/wlan-mac-spoof.pdf


My 0.02$

M.Bruyere

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------