Educause Security Discussion mailing list archives

Re: WEP

From: "Gaddis, Jeremy L." <jlgaddis () IVYTECH EDU>
Date: Fri, 15 Jul 2005 13:07:40 -0500

Hi Chad,

We never implemented WEP.  When you have to share a key between potentially
hundreds or even thousands of users, it's no longer a secret.

We skipped WEP and opted for VPN technologies instead.  Campus access points
lived on a subnet all of their own.  The only traffic permitted out of this
subnet is 1723/TCP and GRE to a PPTP VPN server.  Once authenticated to this
VPN server via Active Directory credentials, students have access to the
Internet and (limited) internal resources -- the same as they would from
off-campus (public web sites, etc.).  All of this is done at layers 2, 3,
and 4.

Currently there are no restrictions on outgoing traffic with the exception
of 25/TCP (which is filtered outbound even for administrative PCs).  We keep
a close eye on the traffic, however, and will probably lockdown the wireless
networks in the near future -- most likely SSH, HTTP, and HTTPS will be the
only types of traffic allowed to off-campus destinations.

We are about to evaluate HP's Secure Access 700wl Series
(http://www.hp.com/rnd/products/wireless/700wlseries/overview.htm) to
provide a more secure wireless solution and to provide access to internal
resources to faculty and staff (who are currently subject to the same
limitations as students on the wireless network).

-j

--
Jeremy L. Gaddis   <jlgaddis () ivytech edu>
Special Projects Manager
Computer & Technology Services
Ivy Tech State College, Bloomington
812.330.6156 (w)   812.797.6176 (m)


-----Original Message-----
From: Chad McDonald [mailto:chad.mcdonald () GCSU EDU]
Sent: Wednesday, July 13, 2005 7:47 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] WEP

Understanding that WEP is relatively easy to crack, how many of you have
moved away from WEP as an addtional layer of security for your wireless
networks?  What was your reasoning for doing so?

Thanks,
Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University
478.445.4473  Office
478.454.8250 Cell
478.445.1202 Fax

Attachment: smime.p7s
Description:

Current thread:

WEP Chad McDonald (Jul 13)
- <Possible follow-ups>
- Re: WEP Dan Updegrove (Jul 13)
- Re: WEP Alt, Brandon C. (Jul 13)
- Re: WEP Christopher E. Cramer (Jul 13)
- Re: WEP Dean De Beer (Jul 13)
- Re: WEP Brenda B Gombosky (Jul 13)
- Re: WEP Penn, Blake (Jul 13)
- Re: WEP Chris Steele (Jul 13)
- Re: WEP Gaddis, Jeremy L. (Jul 15)
- Re: WEP Koerber, Jeff (Jul 18)