Advice wanted regarding setting up WiFi
Piotr T Zbiegiel
peter at usestrict.org
Thu Apr 1 10:17:07 PST 2004
On Wed, 2004-03-31 at 18:12, Alvin Oga wrote:
> hi ya bill
>
> i'll take the flame bait
. . .
> - do NOT use WEP ... its as good as giving away your key
> to the house
>
What?! What does that mean? <flame on:D> Seriously! "WEP" vs "no WEP",
which one is easier to exploit? I vote for "no WEP", but maybe I am
just not 733t enough to do things the hard way. The lock on your
house's door is a deterrent. It's not there to make your house
impregnable, it's there to make entering your house just inconvenient
enough to make burglars move on to the next place which happened to
leave their door unlocked. WEP does the same thing, it makes many
war-((w|ch)alkers|drivers) move on to the open AP your neighbor has.
Yes, if someone actually _WANTS_ to crack your WEP key, they can, but as
Tony pointed out, they have to collect a certain amount of data to do
that. If you rotate your WEP keys regularly (quarterly, monthly,
weekly?) depending on usage levels you can avoid giving your attacker
enough information to crack your key. Now, even given that, I would
still segment off the AP from the rest of the network. An extra NIC in
your Linux box is a possibility, but you do have to make an effort to
lock down and properly configure IPChains if you go that route.
> ( you're hosed if you using a fries special for the ap
> ( and i donno if the dlink/linksys can use ipsec instead of wep
>
I have a netgear and I did a little research before purchasing it. None
of the low-end(read end-user) APs do IPSEC.
Later,
Peter
More information about the Baylisa
mailing list