Common Security Problems of 802.11 Wireless
Warren Togami
warren at togami.com
Sat Apr 28 00:06:17 PDT 2001
Article about some guys driving around town, seeing how many unguarded
wireless networks they can easily access. Apparently many.
http://www.msnbc.com/news/565275.asp
Many comments on security features of 802.11b.
Ways of balancing security, obscurity, and network management.
http://slashdot.org/comments.pl?sid=01%2F04%2F27%2F1847237&cid=&pid=0&starta
t=&threshold=-1&mode=thread&commentsort=3&op=Change
A few of their suggestions
1) Use only 128bit WEP gold cards. 56bit considered too weak? Somebody
else says that even 128bit WEP is too easily cracked, and you should rely on
some VPN technology like PPTP or IPSEC.
2) MAC lock and watch the arp logs.
3) Turn off SSID identification broadcast. This creates a severe headache
because it must be set manually on all clients, but that's what's necessary
for security.
4) Treat wireless users as in the DMZ, segmented from the rest of the
network.
Based on everything that I read....
The only way to ensure that only authorized users are allowed on the
network, you must use RADIUS or some related protocol for authentication
connection. I think this is possible with Open Source Software. Then the
only way to ensure that traffic can't be decrypted and sniffed is to use
IPSEC, PPTP or some other VPN protocol?
More information about the LUAU
mailing list