PaulDotCom mailing list archives
Secure "Relative Term I guess" Wireless network with VPN
From: j2mccluggage at adelphia.net (Jody & Jennifer McCluggage)
Date: Tue, 2 Feb 2010 13:30:16 -0500
Under the conditions that you describe (no radius, no enterprise gear, single user), I believe your best bet would be to implement WPA-2 Personal. This setup requires a pre-shared key that is used by both sides. Under most clients, after initial setup, the user does not need to know the pre-shared key to use it (it is installed on the client), so make the pre-shared key wickedly long and complex (25+ random string).

The biggest issues with pre-shared keys are that all systems must use the same one and they usually must be manually updated (i.e. they are not changed on a regular basis). Since you are only implementing for one user, the first weakness is mitigated quite a bit. You can help mitigate the second one by creating a very long and complex string and securely storing it (use something like Kee Password safe, etc). Most of the tools out there that currently attempt to break WPA-2 Personal rely on a weak pre-shared key (i.e. most don't directly attack the encryption or algorithm), so they can usually be thwarted by using a strong key.

I have not worked directly with OpenWRT but I assume that it supports WPA-2 Personal?

As for HIPAA, it does not prescribe specific steps on how to secure wireless (the new updates in the ARRA HITECH do prescribe acceptable encryption. WPA-2 uses AES, which should satisfy it). Its goal is to simply secure protected health information. It is the organization's job to determine the best way to do that and justify it through risk analysis and migration processes. So the bottom line is, whatever you decide to do, document what you perceive the risk to be and how you went about mitigating it.
Jody

_____

From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Tyler Robinson
Sent: Monday, February 01, 2010 7:56 PM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] Secure "Relative Term I guess" Wireless network with VPN

Just wondering if anyone has had any experience configuring DDWRT or OpenWRT to be HIPAA compliant across WIFI. I have a single user, single machine Medication cart that I need to be WIFI mobile but still HIPAA compliant, and of course the customer wants to spend the least amount of money, so no radius and no special enterprise WIFI Gear. Any advice is always appreciated.

Thanks,
TR

--
Tyler Robinson
Owner of Computer Impressions