RE: Wireless Security vs Performance

[Matthew Reed <mreed () consolidatedgraphics com>]

While that is true and WPA2 is the best option, you should at least be aware of:

http://www.storefrontbacktalk.com/securityfraud/wpa2-broken-and-this-time-no-patch/: (you do have to be inside the 
network already to break WPA2)

If possible, mac address validation should be layered into this as well. That is not perfect either but additional 
layers, when possible and not overly restrictive is the best approach.


Matthew Reed
Director
Information Security Compliance and Awareness
Consolidated Graphics
5858 Westheimer, Suite #200
Houston, TX  77057
Direct: 713.493.6118
Mobile: 713.502.5181
Fax: 713.493.6178
Email: mreed () cgx com
www.cgx.com


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of shailesh.sf () gmail com
Sent: Wednesday, June 24, 2009 7:43 PM
To: security-basics () securityfocus com
Subject: Re: Wireless Security vs Performance

If Security is the criteria, then I would suggest you should be using WPA2 rather than WEP.

WEP with the now infamous RC4 Stream Cipher is/ was a security nightmare.

WPA2 uses AES Block Cipher with a 256 Bit Key and currently their aren't any known compromising attacks against it.
As regards to the cipher, AES remains secure & unconquered while the 256 Bit Key is completely immune to any brute 
force attack(s).

You may also wanna check NIST SP 800-48 that deals specifically with Wireless Security.

Regards,
Shailesh

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


NOTICE:  This message, as well as any attached document, contains information from Consolidated Graphics, Inc. that is 
confidential and/or privileged, or may contain attorney work product.  The information is intended only for the use of 
the addressee(s) named above.  If you are not the intended recipient, you are hereby notified that any review, use, 
dissemination, forwarding, printing, copying, disclosure, or the taking of any action in reliance on the contents of 
this message or its attachments is strictly prohibited, and may be unlawful.  If you have received this message in 
error, please destroy all copies (in any form) of this message and its attachments, if any, without disclosing the 
contents, and notify the sender immediately.  Unintended transmission does not constitute waiver of the attorney-client 
privilege or any other privilege.  Unless expressly stated in this email, nothing in this message should be construed 
as a digital or electronic signature.  Thank you for your cooperation.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------