Firewall Wizards mailing list archives

Re: Wireless

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 9 Aug 2002 18:32:11 -0400 (EDT)

On Fri, 9 Aug 2002, John McDermott wrote:

ejb3 () cornell edu wrote:

Spoofing MAC addresses is easy, even on 802.11b cards.  Managing 
permitted MAC addresses is a good idea for home users with few cards and 
only a single base station.  It's a management nightmare for large 
installations.


So what is the Best Practice approach to securing a wireless subnet? 
Given a WAP and n known cards, what is the best way to deal with MAC 
spoofing, wandering unauthorized users, etc. to prevent access to all 
lan resources for unauthorized users?


Best recommends at present speak of wrapping all transmissions within an
encrypted tunnel.  SSH or some IPsec tool.  Still one should localise the
range of their transmissions as much as possible, as information leakage
is still present due to the management packets between and through any
device talking to the AP.  This gains one the ability to encrypt 
the data portions of their connections, but there remains much
information leakage.  Basically, no matter how well one tries
to 'secure' their wireless transmissions, they have exposed a ethernet
subnet<s?> to outside sniffing.  The range of the sniffing capabilites
lies in how much one wishes to invest time or monies into an antenae for
their sniffing/attack vectors into this realm.  There are claims that
homebuilt antenaes can sniff from 1-10 miles out, so sitting in a parking
lot is not a requirement.

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Wireless, (continued)
- Re: Wireless B. Scott Harroff (Aug 09)
- RE: Wireless Scott, Richard (Aug 09)
  - RE: Wireless ejb3 (Aug 09)
    - Re: Wireless Jeff Newton (Aug 09)
    - Re: Wireless R. DuFresne (Aug 09)
    - Re: Wireless Jeff Newton (Aug 09)
    - Re: Wireless John McDermott (Aug 09)
    - Re: Wireless Paul Robertson (Aug 09)
    - Re: Wireless Dave Piscitello (Aug 19)
    - Re: Wireless ejb3 (Aug 09)
    - Re: Wireless R. DuFresne (Aug 09)
  - RE: Wireless Paul Robertson (Aug 09)
  - RE: Wireless R. DuFresne (Aug 09)
- RE: Wireless Carl Friedberg (Aug 09)
  - RE: Wireless Paul Robertson (Aug 09)
- RE: Wireless Loomis, Rip (Aug 09)
- RE: Wireless Loomis, Rip (Aug 09)
- RE: Wireless Frank Darden (Aug 09)
  - RE: Wireless R. DuFresne (Aug 09)
- Re: Wireless Roger Marquis (Aug 09)
  - Re: Re: Wireless Gary Flynn (Aug 09)

(Thread continues...)