Re: [fw-wiz] "802.1x"?

From: R. DuFresne (dufresne@sysinfo.com)
Date: 12/19/02


From: "R. DuFresne" <dufresne@sysinfo.com>
To: Gary Flynn <flynngn@jmu.edu>
Date: Thu Dec 19 20:39:02 2002

And though it maybe redundant, this popped up today, informative read:

Full paper available at http://rr.sans.org/casestudies/deployment.php

   Is IEEE 802.1X Ready for General Deployment?
   Scott Baily
   April 7, 2002

   Abstract:
   Wireless LANs have been recognized as insecure for some time,
   especially for their lack of data confidentiality and access control.
   This paper examines the suitability of deploying IEEE 802.1X as the
   principal authentication mechanism for Colorado State Universitys
   wireless network. After careful consideration of wireless security
   issues and how 802.1X addresses those issues, it was decided that CSU
   should not incorporate 802.1X into its wireless network at this time.

...

Thanks,

Ron DuFresne

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!