RE: Replacing WEP was Re: Dsniff'ng wireless networks

From: Artes, Francisco (franciscoat_private)
Date: Wed Jul 18 2001 - 01:16:39 PDT


    Here you assume that you have some security by using WEP.  WLANs are simply
    not secure, and should never be treated as a private network.  They should
    always be treated like a public network and secured accordingly.  E.g.,
    place them behind a firewall with no routing between the private and the
    WLAN IP network, and open VPN tunnels into the private network.
    
    If by community network you mean a public access point to the Internet via
    802.11 then just pop up some SSIDs and leave the WEP key off so people can
    just attach.  (Without the hassle of cracking WEP.)
    
    
    -----Original Message-----
    From: Simon Waters [mailto:Simonat_private]
    Sent: Tuesday, July 17, 2001 16:15
    Cc: pen-testat_private
    Subject: Replacing WEP was Re: Dsniff'ng wireless networks
    
    
    Someone is thinking of doing a community network with
    Wireless LAN.
    
    WEP seems to offer little in this environment, so thinking
    of replacing it with IP based encryption - sort of a public
    PKI. Assuming we can get users to switch off non-IP protocols
    on their client PCs (I know it is hard to right click
    network neighbourhood and pick properties), do we lose any
    security at layer two by not using WEP?
    
    i.e. Are we more vulnerable to some other types of attack -
    I'm guessing mostly DoS if any more are possible. But hey
    they can probably DoS more profitably by stealing the
    antennas from the relays and selling them.
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/
    



    This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 10:05:30 PDT
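
The segmentation recommended in the reply above (WLAN treated as a public network, no routing into the private network, VPN tunnels only) can be checked mechanically against a firewall's forwarding rules. This is an added example, not part of the original messages; the addresses, the first-match rule format, and the choice of IPsec (IKE on UDP 500 plus ESP) as the VPN are assumptions.

```python
import ipaddress

# Constructed addressing plan (assumptions, not from the original thread).
WLAN = ipaddress.ip_network("192.0.2.0/24")   # wireless segment, treated as public
PRIVATE = ipaddress.ip_network("10.0.0.0/8")  # internal network

def rule(action, src, dst, proto="any", dport=None):
    """One first-match forwarding rule: (action, src_net, dst_net, proto, dport)."""
    return (action, ipaddress.ip_network(src), ipaddress.ip_network(dst), proto, dport)

# Constructed rule sets. 198.51.100.10 is a hypothetical VPN gateway outside PRIVATE.
GOOD = [
    rule("accept", "192.0.2.0/24", "198.51.100.10/32", "udp", 500),  # IKE
    rule("accept", "192.0.2.0/24", "198.51.100.10/32", "esp"),       # IPsec ESP
    rule("drop", "192.0.2.0/24", "0.0.0.0/0"),                       # everything else
]
WEAK = [
    rule("accept", "192.0.2.0/24", "10.0.5.0/24", "tcp", 445),  # direct path inside
    rule("drop", "192.0.2.0/24", "10.0.0.0/8"),
]

def covers(earlier, later):
    """True if `earlier` matches every packet that `later` matches."""
    _, es, ed, ep, eport = earlier
    _, ls, ld, lp, lport = later
    return (ls.subnet_of(es) and ld.subnet_of(ed)
            and ep in ("any", lp) and eport in (None, lport))

def audit(rules):
    """Return accept rules that route WLAN traffic straight into PRIVATE."""
    findings = []
    for i, r in enumerate(rules):
        action, src, dst, _, _ = r
        if action != "accept" or not (src.overlaps(WLAN) and dst.overlaps(PRIVATE)):
            continue
        # A rule fully shadowed by an earlier rule never fires, so skip it.
        if not any(covers(e, r) for e in rules[:i]):
            findings.append(r)
    return findings

def decide(rules, src, dst, proto, dport=None, default="drop"):
    """First-match verdict for a single packet."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, s, d, p, port in rules:
        if src in s and dst in d and p in ("any", proto) and port in (None, dport):
            return action
    return default

if __name__ == "__main__":
    for name, rs in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(name, "violations:", audit(rs))
```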