Re: Replacing WEP was Re: Dsniff'ng wireless networks

From: Crist Clark (crist.clarkat_private)
Date: Wed Jul 18 2001 - 14:26:59 PDT

Next message: Ismael Valenzuela: "NT information leakage"

Previous message: Gareth Bromley: "Re: Network Appliance"
In reply to: Simon Waters: "Replacing WEP was Re: Dsniff'ng wireless networks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Simon Waters wrote:
> 
> Someone is thinking of doing a community network with
> Wireless LAN.
> 
> WEP seems to offer little in this environment, so thinking
> of replacing it with IP based encryption - sort of a public
> PKI. Assuming we can get users to switch of non-IP protocols
> on their client PCs (I know it is hard to right click
> network neighbourhood and pick properties), do we lose any
> security at layer two by not using WEP?

What security at layer 2? Layer 2 security has almost always been
sacrificed for easy operability.
 
> i.e. Are we more vulnerable to some other types of attack -
> I'm guessing mostly DoS if any more are possible. But hey
> they can probably DoS more profitably by stealing the
> antennas from the relays and selling them.

A good remark at DEFCON was that it is pretty much impossible to prevent
DoS of a wireless network. It's not data layer attacks, but physical layer
attacks. I believe the memorable quote was something along the lines, 
"Anyone can put a coat hanger in a microwave oven and aim it at your base
station." (Can't resist, when it comes to wireless base stations: "All your 
base are belong to us.")
-- 
Crist J. Clark                                Network Security Engineer
crist.clarkat_private                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.  If
the reader of this e-mail is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited.  If you have received this
e-mail in error, please contact postmasterat_private

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Ismael Valenzuela: "NT information leakage"
Previous message: Gareth Bromley: "Re: Network Appliance"
In reply to: Simon Waters: "Replacing WEP was Re: Dsniff'ng wireless networks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jul 22 2001 - 12:29:42 PDT