[ale] Wireless access and WEP
bob at verysecurelinux.com
Sun Feb 29 18:01:52 EST 2004
On Sun, Feb 29, 2004 at 01:32:19PM -0500, Trey Sizemore wrote:
> I understand that WEP is not the end all/be all when it comes to
> securing a wireless internet connection, but wondered what I can do. I
> have a Netgear 802.11g wireless router to which I have my desktop
> physically connected, but wanted to have a WAP for my Dell notebook with
Wired Equivalent Privacy (WEP) is a Trademarked name, not a true statement
as to its security level. Even the lying sleazebags (in my opinion)
who own the trademark say on their web site that if you want good security
use a VPN on top of it, such as IPSec.
The U.S. Federal Gov't's NIPC notes:
Successful exploitation of the vulnerability [in WEP] has been
simplified to getting within range to intercept the broadcast.
(Real World Linux Securty, Second Edition p153-155.)
> What is the best way to set up the system to provide the best possible
> security setup. If anyone has Netgear, I'd like to know how you have
> yours setup (WEP, limit by MAC address, etc.).
Limiting my MAC address also is almost worthless as WEP sends MAC addresses
in clear text. Thus, an attacker can take over an existing system's
MAC address and simply crash the legitimate system to get it out of
the way -- if it is Windows.
Bob Toxen, CTO
Fly-By-Day Consulting, Inc.
"Your expert in Firewalls, Virus and Spam Filters, VPNs,
Network Monitoring, and Network Security consulting"
bob at verysecurelinux.com (e-mail)
My recent talks on Linux security include:
-> at Southeast Cybercrime Summit in Atlanta on Mar. 2-5 2004
-> at the FBI's Atlanta headquarters on Mar. 10 2004
at IBM's Linux Competency Center in New York City on Mar. 06 last year
at the Atlanta SecureWorld Expo in Atlanta on May 22 last year
at the Enterprise Linux Forum in Silicon Valley on June 04 last year
at Computer Associates' Atlanta Linux Security Summit on Sep. 16 last year
"Real World Linux Security: Intrusion Detection, Prevention, and Recovery"
2nd Ed., Prentice Hall, (C) 2003, 848 pages, ISBN: 0130464562
Also available in Japanese, Chinese, and Czech.
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke
http://www.verysecurelinux.com [Network & Linux/Unix Security Consulting]
http://www.realworldlinuxsecurity.com [My 5* book: "Real World Linux Security"]
http://www.verysecurelinux.com/sunset.html [Sunset Computer]
Quality Linux, UNIX and network security and software consulting since 1990.
More information about the Ale