Re: [PEN-TEST] Penetrating Wireless Networks

[Phil Cox <Phil.Cox () SystemExperts com>]

> > You are kidding right?
>
> About WEP being a bad design? Nope.

Never argued that merits of whether the design was the best, but I did argue
that recommending "don't use it" as not an acceptable answer. Security is
layer of protection and risk mitigation. WEP is one of the options that
security minded wireless users must consider.

> > If not, then what perfect solution do you propose?
>
> Anything with a properly implemented key exchange protocol.
> (IPSec, SSL or whatever is better.)

Problem is that we are talking at different layers. Not all apps support
SSL, not all IPSec implementations are compatible, etc.. WEP does provide a
niche, you may choose not to use it, but it is their, and usable IMHO.

> [We're way of the penetration testing trail now... Apologies to the
> moderator]

I agree, this will be my last post on this specific issue, Glen & I can take
it off line if he would like to discuss it further.

Phil