Penetration Testing mailing list archives

Re: Wireless Pent-Test


From: Gregory Spath <gkspath () armstrong com>
Date: Mon, 6 Oct 2003 16:22:30 -0400

On Mon, 6 Oct 2003 12:48:55 -0400
"Keith T. Morgan" <keith.morgan () terradon com> wrote:


Are you going to remotely manage the WAPs?  Plan on logging into them
periodically to force WEP key changes?  Then you have to notify them
that it's changed, and provide them with a new key.  IMO, this sounds
like an undue administrative burden.

A better solution is to require VPN clients on the wireless devices.  This
should already be in place for remote users anyway, right?

WEP should be used as a deterrent in addition to IPSec.  A casual war
driver isn't likely to go through the trouble of breaking your WEP key.
They will simply move on to an easier target (like my doctor's office,
*sigh*).

Well, one way might be to sit outside their house using airsnort or
another WEP cracking utility.  Given enough time and a few big file
transfers by your user, there's a pretty good chance that the WEP key
will be compromised.  If your users will be handling, or could get
access to fairly sensitive data, I'd have to rule out WEP except in
conjunction with a pure IPSEC implementation.  In that case, so what if
the WEP key is compromised?   

Exactly.
