RE: Wireless Lans give EVERYONE ACCESS

["big bon" <vulndev () hotmail com>]

Well at least someone has finally stated what I was thinking.  Use vpn for 
authenication.  I would go a step further and say to use IPSEC between 
machines and the vpn server, as wep has been proven insecure.


> From: dgillett () deepforest org
> To: VULN-DEV () securityfocus com, bugtraq () securityfocus com
> Subject: RE: Wireless Lans give EVERYONE ACCESS
> Date: Mon, 13 Aug 2001 16:14:12 -0700
>
>   VPN makes it possible to assure yourself that only legitimate users
> are coming in through your wireless network to reach your trusted
> servers, etc.
>
>   However, it seems likely to me that a hostile operative could,
> without successfully authenticating to the VPN, still swamp your
> wireless access points with traffic.  Paradoxically, this DoS attack
> may actually require the attacker to be physically nearby....
>
> David Gillett
>
>
> On 13 Aug 2001, at 13:35, Jonas Thambert wrote:
>
> > ofcourse anti virii/p.firewall protection is a must. Setting
> > up anti-spoof protection is also regular sysadmin duty, even
> > if its not a WLAN interface.
> >
> > anyway the only usage for WLAN as I see it is in combination with VPN.
> >
> > http://www.cs.rice.edu/~astubble/wep/wep_attack.html
> >
> > jonas


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp