Home page logo

basics logo Security Basics mailing list archives

RE: WiFi security implications
From: "Steven A. Fletcher" <sfletcher () bcsc com>
Date: Tue, 9 Dec 2003 11:27:37 -0600

Windows XP should give them the option to enter an SSID and WEP key.  I
use a Linksys AP at home with the beacon feature turned off and I
connect to it with XP.  However, it is possible that a normal user does
not have access to that.  I have not tested to see what security is
required to configure the wireless settings.

Hope this helps.

Steve Fletcher, A+, MCP, MCSE (NT 4), Master ASE, CCNA, CCA
Senior Network Engineer
BCSC Technology Solutions
sfletcher () bcsc com
 -----Original Message-----
From: Oliver Rebollido [mailto:ORebollido () fenwick com] 
Sent: Tuesday, December 09, 2003 9:54 AM
To: Security Newsletters-TM; security-basics () securityfocus com
Subject: RE: WiFi security implications

Hash: SHA1

When you mentioned "Remove the beacon, or minimize it", what did you
mean by "minimize it"?  The only options I've been able to do with
the beacon on a Cisco 1200AP is either off or on.  When I had the
beacon off, some users on WinXP complained they couldn't get on
because WinXP couldn't find the AP.  WinXP didn't give them the
options of putting in their own SSID and WEP key.


- -----Original Message-----
From: Security Newsletters-TM
[mailto:SecurityNewsletters.tm () telus com]

Sent: Monday, December 08, 2003 10:26 AM
To: security-basics () securityfocus com
Subject: RE: WiFi security implications

It really doesn't matter. 

I've been watching this thread for a while.  Here are my comments to
the original question.

1) IPsec over 802.11 is great, and depending on the IPSec algorythms
and key sizes used, almost completely unbreakable except for private
millionairs and government agencies.

2) Want even more security, lock down the 802.11 AP.  I suspect
you're not using a Cisco one, so in that case make sure you do the

        i) Enable the highest WEP key possible
        ii) Change the SSID from default to something crazy that anyone
walking by your office with a PDA won't lock onto by accident like
"123fjdksfj2342" .
        iii) Use a different channel than the default.
        iv) Remove the beacon, or minimize it.

        v) lock down or filter the Mac address of your laptop.

3) As an alternative, you may wish to move away from the 802.11B
spectrum as plenty of kiddies have these 70 dollar cards (CDN).

Version: PGP 8.0.3


The information contained in this message may be legally privileged
and confidential.  It is intended to be read only by the individual
or entity to whom it is addressed or by their designee. If the reader
of this message is not the intended recipient, you are on notice that
any distribution of this message, in any form, is strictly prohibited.

If you have received this message in error, please immediately notify
the sender and/or Fenwick & West LLP by telephone at (650) 988-8500

and delete or destroy any copy of this message.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]