Re: [NTLK] WEP vs Airport

From: Brian (bmcewen_at_comcast.net)
Date: Sat Apr 26 2003 - 14:49:09 PDT


From: Alexander Schreiber <als_at_thangorodrim.de>
On Fri, Apr 25, 2003 at 11:07:41PM -0400, someone who I might have cut the
attrib wrong wrote:
>> If you have reason to be truly concerned, you'll be better off
>> restricting access to a wireless network by MAC address; it's more
>> secure.

>Only helps against stupid intruders - MAC addresses can easily be
>changed. Wireless networks are - unless properly set up - a serious
>security risk if you use them for anything that you don't want to be

The freeware WEP crackers say they only need 100k packets or so to get started.

While it is easy to spoof a MAC, I think that this would really only be a
problem if the attacker knew something about your setups- there's a lot of
possible MACS to try before he could even talk to your server successfully
WEP or no.

hmm...

Although if you are being sniffed and the MAC address is visible of a valid
user either after (presuming WEP use I guess) WEP is broken, I guess it is
pretty trivial- and the MAC would be visible from the start, with no WEP.
So I guess it really doesn't mean much, like a lock, it's there to keep
honest people out.

B

-- 
This is the NewtonTalk list - http://www.newtontalk.net/ for all inquiries
List FAQ/Etiquette/Terms: http://www.newtontalk.net/faq.html
Official Newton FAQ: http://www.chuma.org/newton/faq/


This archive was generated by hypermail 2.1.5 : Sat Apr 26 2003 - 17:30:00 PDT