Well at least someone has finally stated what I was thinking. Use vpn for authenication. I would go a step further and say to use IPSEC between machines and the vpn server, as wep has been proven insecure. >From: dgillettat_private >To: VULN-DEVat_private, bugtraqat_private >Subject: RE: Wireless Lans give EVERYONE ACCESS >Date: Mon, 13 Aug 2001 16:14:12 -0700 > > VPN makes it possible to assure yourself that only legitimate users >are coming in through your wireless network to reach your trusted >servers, etc. > > However, it seems likely to me that a hostile operative could, >without successfully authenticating to the VPN, still swamp your >wireless access points with traffic. Paradoxically, this DoS attack >may actually require the attacker to be physically nearby.... > >David Gillett > > >On 13 Aug 2001, at 13:35, Jonas Thambert wrote: > > > ofcourse anti virii/p.firewall protection is a must. Setting > > up anti-spoof protection is also regular sysadmin duty, even > > if its not a WLAN interface. > > > > anyway the only usage for WLAN as I see it is in combination with VPN. > > > > http://www.cs.rice.edu/~astubble/wep/wep_attack.html > > > > jonas > _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
This archive was generated by hypermail 2b30 : Tue Aug 14 2001 - 08:29:01 PDT