RE: Wireless Lans give EVERYONE ACCESS

From: big bon (vulndevat_private)
Date: Tue Aug 14 2001 - 06:28:39 PDT

  • Next message: Agent 000: "Re: Assembler Help"

    Well at least someone has finally stated what I was thinking.  Use vpn for 
    authenication.  I would go a step further and say to use IPSEC between 
    machines and the vpn server, as wep has been proven insecure.
    
    
    >From: dgillettat_private
    >To: VULN-DEVat_private, bugtraqat_private
    >Subject: RE: Wireless Lans give EVERYONE ACCESS
    >Date: Mon, 13 Aug 2001 16:14:12 -0700
    >
    >   VPN makes it possible to assure yourself that only legitimate users
    >are coming in through your wireless network to reach your trusted
    >servers, etc.
    >
    >   However, it seems likely to me that a hostile operative could,
    >without successfully authenticating to the VPN, still swamp your
    >wireless access points with traffic.  Paradoxically, this DoS attack
    >may actually require the attacker to be physically nearby....
    >
    >David Gillett
    >
    >
    >On 13 Aug 2001, at 13:35, Jonas Thambert wrote:
    >
    > > ofcourse anti virii/p.firewall protection is a must. Setting
    > > up anti-spoof protection is also regular sysadmin duty, even
    > > if its not a WLAN interface.
    > >
    > > anyway the only usage for WLAN as I see it is in combination with VPN.
    > >
    > > http://www.cs.rice.edu/~astubble/wep/wep_attack.html
    > >
    > > jonas
    >
    
    
    _________________________________________________________________
    Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
    



    This archive was generated by hypermail 2b30 : Tue Aug 14 2001 - 08:29:01 PDT