From: Gregory Spath (gkspath@armstrong.com)
Date: Mon Oct 06 2003 - 16:22:30 EDT
On Mon, 6 Oct 2003 12:48:55 -0400
"Keith T. Morgan" <keith.morgan@terradon.com> wrote:
>
> Are you going to remotely manage the WAPs? Plan on logging into them
> periodically to force WEP key changes? Then you have to notify them
> that it's changed, and provide them with a new key. IMO, this sounds
> like an undue administrative burden.
A better solution is to require VPN clients on the wireless devices. This
should already be in place for remote users anyway, right?
WEP should be used as a deterrent in addition to IPSec. A casual war
driver isn't likely to go through the trouble of breaking your wep key.
They will simply move on to an easier target (like my doctor's office,
*sigh*).
> Well, one way might be to sit outside thier house using airsnort or
> another WEP cracking utility. Given enough time and a few big file
> transfers by your user, there's a pretty good chance that the WEP key
> will be compromised. If your users will be handling, or could get
> access to fairly sensitive data, I'd have to rule out WEP except in
> conjunction with a pure IPSEC implementation. In that case, so what if
> the WEP key is compromised?
Exactly.
---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:41 EDT