RE: WLAN Security FAQ

["Klaus, Chris (ISSAtlanta)" <CKlaus () iss net>]

> Good FAQ
>
> Something you may want to add to this Doc is that whilst on 
> most laptops
> it is easy to see that there is a wlan card in it (they 
> generally stick
> out of the pcmcia slot quite a way) some laptops come with internal
> cards that the user may or may not be aware of. Some recent 
> MAC laptops
> have the facility to have an internal wlan card as do (I believe) some
> dell's. These could be misconfigured to allow peer to peer out of the
> box. Does anyone have any info on this ? It *appears* that using 
> airport cards in mac OS X you have to specifically turn on 
> peer to peer,
> though I am no mac expert.

Both HP and Dell have announced that their laptop lines will start to carry
802.11b technology built into them.  With Windows XP adding more native
support for 802.11b, it'll be interesting to see how the laptops are
configured by default.  Historically, the default would be that the 802.11b
is enabled and running.  As part of dealing with all the major security
issues, Microsoft has announced in future releases of their product lines,
they are changing the default for their product packages to be installed in
"secure" mode, so that out of the box, most services and functionality is
turned off by default, and the user must specifically turn on various
functionality and capability.  Maybe this will carry over to 802.11b and
wireless technology.

On the topic of antennas, I added a section in the FAQ:  

Because the intruder must be within range of the signal, a properly selected
and positioned antenna within a building can minimize how far the signal can
reach and therefore reduce leakage and interception.  For selecting
different antenna designs for appropriate signal reception, here is an
article on wireless antennas:

Antennas Enhance WLAN Security in Byte Magazine, October 2001. 
http://www.byte.com/documents/s=1422/byt20010926s0002/1001_marshall.html 

Additionally, ISS has put the Wireless LAN Security FAQ on the web at:
http://www.iss.net/wireless/WLAN_FAQ.php  I've beefed up the index and made
it easier to cross-reference to the specific questions one might have.

> Q
>
>
> -- 
> #####################
> Quentyn Taylor
> Sysadmin - Fotango.com
> #####################
> "Let's face it, if you have leprosy, you can't be casual 
> about watching
> for new injuries." 
>    Mike Sphar, on Microsoft and anti-virus alerts.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/