Re: Wireless Security for Business Use
From: WiFiGuRu (WiFiGuRu@WiFi[noSpamPlease)Date: 04/09/02
- Previous message: TOYOTA MR2: "Re: cmd.exe and root.exe in HTTP error files"
- In reply to: Michael Erskine: "Re: Wireless Security for Business Use"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: WiFiGuRu <WiFiGuRu@WiFi[noSpamPlease]Consulting.com> Date: Tue, 09 Apr 2002 01:28:02 GMT
So True and right on the money. The only thing I've seen in this space
that seems secure is airfortress, not something you will see in public
hot spots. I purchased one to evaluate before reccomending it to
clients and it seems quite secure so far. Anyway public Hot spot
security is going to be difficult, especially if you are paranoid. If
you have an email worm it will allow network invasion in many places,
just not in hotspots.
Maybe the next big thing will be secure hotspots...
Michael Erskine wrote:
> Ok then the long answer...
>
> A VPN provides a secure tunnel over an IP network. It in NO WAY
> insulates the IP network from traffic which is not in the tunnel.
> This means that someone might piggyback thru your wireless network
> into your corporate network, if your corporate network is not
> firewalled against that.
>
> A wireless network (particualrily an unsecured one) can easily be
> joined by anyone who knows how to discover the network (E)(B)SSID and
> set his system up with the right IP, Gateway, and Netmask. DHCP is no
> protection unless IP addresses are assigned to specific MAC layer
> addresses and even then they are not protection because MAC addresses
> can be forged... so an attacker might just wait till a legitimate host
> was down and assume his MAC...
>
> Or the attacker could just send you a mail worm that opens a
> connection back to one of his compromised hosts and then piggyback
> thru you on your VPN tunnel.
>
> The only sure protection for a wireless link which can ensure the
> safety of anything connected to that link is link level encryption
> with an unbreakable encryption algorythm... I don't make that comment
> lightly. The fact is there is no operating system which is completely
> secure. People may point to this one or that one and say, "There are
> no known exploits..." or "No exploit has been reported in..." That is
> all well and good... and the banking system still operates upon a
> private network... and military agencies still have regulations
> regarding the kinds of material which can be stored upon computers
> connected to the *public* network.
>
> Basically there is no such thing as a secure wireless network which is
> not proprietary, physically secured, and running strong encryption
> (typically at the physical and/or datalink layers.
>
> So Stewart, what do you think about WEP?
>
> -m-
>
- Next message: Don Kelloway: "Re: cmd.exe and root.exe in HTTP error files"
- Previous message: TOYOTA MR2: "Re: cmd.exe and root.exe in HTTP error files"
- In reply to: Michael Erskine: "Re: Wireless Security for Business Use"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
