nanog mailing list archives

Re: WLAN shielding

From: "Marshall Eubanks" <tme () multicasttech com>
Date: Tue, 02 Dec 2003 22:12:25 -0500


On Tue, 2 Dec 2003 20:36:51 -0600
 "Erik Amundson" <erik () myevilempire net> wrote:



      I have been looking into the Cisco Aironet solution recently for
a project I'm working on.  They seem to have some great security
features, if you want to take the time to configure it.  Oh, another
caveat is that you have to use Cisco's wireless adapter as well,
otherwise, good ol' WEP for you!


Then I hope you saw this today :

Cisco Security Advisory: SNMP trap Reveals WEP Key in Cisco Aironet AP

Revision 1.0

For Public Release 2003 December 02 17:00 UTC (GMT)

- ------------------------------------------------------------------------

Summary
=======
Cisco Aironet Access Points (AP) running Cisco IOS software will send
any static Wired Equivalent Privacy (WEP) key in the cleartext to the
Simple Network Management Protocol (SNMP) server if the snmp-server
enable traps wlan-wep command is enabled. Affected hardware models are
the Cisco Aironet 1100, 1200, and 1400 series. This command is disabled
by default. The workaround is to disable this command. Any dynamically
set WEP key will not be disclosed.

Cisco Aironet AP models running VxWorks operating system are not
affected by this vulnerability. No other Cisco product is affected.

This advisory will be available at
http://www.cisco.com/warp/public/707/cisco-sa-20031202-SNMP-trap.shtml


      I haven't thought of the VPN idea that others have spoken of on
the NANOG list yet...that's a good idea too...hmm....

- Erik



-----Original Message-----
From: Andy Grosser [mailto:andy () sugar meniscus org] 
Sent: Wednesday, November 26, 2003 11:02 AM
To: nanog () merit edu
Subject: WLAN shielding


Apologies in advance if this may not quite be the proper list for such a
question...

My company is investigating the use of wireless in a couple of our
conference rooms.  Aside from limiting the scope of reception with
various directional antennae, does anyone have any suggestions or
pointers for other ways to limit the propagation of signals (i.e.
special shielding paint, panels or other wall coatings)?

Feel free to reply off-list.

Thanks!

Andy

---
Andy Grosser, CCNP
andy at meniscus dot org
---

Current thread:

Re: WLAN shielding Scott McGrath (Dec 01)
- <Possible follow-ups>
- Re: WLAN shielding Howard C. Berkowitz (Dec 02)
- Re: WLAN shielding Howard C. Berkowitz (Dec 02)
  - Re: WLAN shielding Laurence F. Sheldon, Jr. (Dec 02)
- RE: WLAN shielding Erik Amundson (Dec 02)
  - Re: WLAN shielding Marshall Eubanks (Dec 02)