[thelist] Wireless Networking Advice
Ken Schaefer
ken at adOpenStatic.com
Sun Dec 15 19:47:01 CST 2002
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Joel Canfield" <joel at spinhead.com>
Subject: RE: [thelist] Wireless Networking Advice
: > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: > : I mean, with virtually no security on a WiFi connection, it's
: > : almost the same as printing your private documents in the
: > : newspaper.
: > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: >
: > That's what WEP is for...it encrypts transmission of
: > documents between card and access point.
:
: WEP is meaningless. Less than an hour to crack it with a PC and freely
: available software.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I'm sorry - but I've never seen this done in the timeframe that you're
talking about. AFAIK Breaking 104 bit WEP requires several gigabytes of
data, and fair bit of processing power. Do you have any info on breaking
104-bit WEP in 1 hour?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: > I'd be more worried about someone connecting to your base
: > station and pinching your bandwidth...
:
: I'm more concerned about someone connecting to our network and being one
: step closer to proprietary information. Some user, usually higher up in
the
: company, will always dump some secure document in an unsecure place.
:
: Having wireless access to your network is about the same as running
without
: a firewall. We provide wireless access, but it's only an internet
: connection; never touches our network.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Why/how is the same as "running without a firewall"?
You use MAC-based connection protection to stop people randomly connecting
to your access point.
Then, the wireless network is *outside* your logical internal network. You
then need to VPN into your internal network, and authenticate against a RAS
server (eg RADIUS). The VPN tunnel keeps your data transmission secure.
Cheers
Ken
More information about the thelist
mailing list