[MLB-WIRELESS] How not to go war driving....
paul van den bergen
pvandenbergen at swin.edu.au
Mon Nov 24 11:22:45 EST 2003
On Mon, 24 Nov 2003 10:56 am, Ryan Abbenhuys wrote:
> I liken WEP to a clublock. A deterrent more than anything.
>
> >this is the bit that worried me... I presume he is taking about WEP....
>
> which
>
> >we all know is worse than no security at all, right?
I re-itterate... "which we all know is worse than no security at all, right?"
:-)
while I'm sure we have had this discussion before, WEP is bad because it gives
a false sense of security...
128 bit WEP can be trivially broken within an hour or 2. quicker for
particular implementations with implementation flaws, etc.
48 bit within minutes.
the information transmitted can be recorded encrypted and then broken later -
including password /username pairs, bank account details, whatever... no need
to get an hours worth of traffic, there are other weaknesses that allow
decryption.
so, secure your network properly. starting with individual machines. denigh an
attacker a logon and they can't really do much can they? implement IPSEC on
wireless connections, ssh, etc.
or put up with some attacks. e.g. rate limit your uplink, etc.
--
Dr Paul van den Bergen
Centre for Advanced Internet Architectures
caia.swin.edu.au
pvandenbergen at swin.edu.au
IM:bulwynkl2002
"And some run up hill and down dale, knapping the chucky stones
to pieces wi' hammers, like so many road makers run daft.
They say it is to see how the world was made."
Sir Walter Scott, St. Ronan's Well 1824
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list