Home page logo
/

basics logo Security Basics mailing list archives

RE: wireless security question.
From: Marc Suttle <marc.suttle () anidirect com>
Date: Thu, 20 Feb 2003 12:01:53 -0600

Something like a BlueSocket device may be helpfull in this kind of
situation.  Please take a look at www.bluesocket.com.

M
-----Original Message-----
From: Keith T. Morgan [mailto:keith.morgan () terradon com]
Sent: Wednesday, February 19, 2003 12:28 PM
To: paul van den bergen; security-basics () securityfocus com
Subject: RE: wireless security question.




1) Folks who rely on other security measures - IPsec being 
the most obvious

IPSEC is good.

5) 128 bit WEP on as deterent.  is it worth the effort - low security 
requirements.  somewhat 404 (see 3), but not too bad if you 
know what you are 
doing.


I say layer your security.  Enjoy the attacker's dissapointment when he
FINALLY cracks that key, and all he can see is ESP and ISAKMP key exchanges.
WEP+IPSEC is good stuff.


In the case of 1) how would one stop external users using the 
APs as private 
network bridges? 

MAC address locking may help here.  Though, it's a fairly trivial layer of
security, as you can usually reset your mac address to one that's
authorized.  Though the damage associated with an attacker using your WAP as
a network bridge, or for thier own personal use between two or more nodes is
far less severe than having them punch a hole into the soft chewy center of
things.


In the case of 6) how does one distribute the WEP keys at 
each update?  



Don't have an answer here.  AFAIK, that still has to be done manually.
Coaching a normal user through WEP key changes on a regular basis sounds
like a nightmare in a large network.  Ugh.  Any WiFi vendors listening?  Key
exchange daemons in the works anywhere?

****************************************************************************
**********************
The contents of this email and any attachments are confidential.
It is intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or
the 
sender immediately and do not disclose the contents to anyone or make
copies.

****************************************************************************
**********************


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]