New encryption technology closes WLAN security loopholes

[Bill Stewart]

At 06:22 PM 09/21/2001 -0400, Arnold G. Reinhold wrote:
>As I understand things, and please correct me if I am misinformed, IPSec 
>is still quite complex to install and setup. Many 802.11b users are 
>individuals or small offices. Until IPSec is user friendly enough for 
>them, a solution that restores WEP to a reasonable level of privacy is 
>worthwhile.

Depends on the environment, and on your willingness to pay.
Using the Nortel Contivity software on Windows is really straightforward,
as long as you're only using passwords for authentication and not
fancy stuff like SecureID tokens.  The client end is just a
typical Windows-Installer thing that you feed a couple of parameters,
and the server end is a box that you need to administer.
I don't know that they've integrated it with any 802.11 systems yet -
you probably need a separate base station.


>While we are on the topic, it seems to me that the other implication of 
>802.11 is that the Ethernet backbone in most offices can no longer be 
>considered secure. It is too easy for someone to install a 802.11 base 
>station without permission inside the corporate firewall.

More to the point, if you've got a laptop with an 802.11 card in it,
and you plug it into the LAN in a building where you don't have 802.11,
then you're a potential security risk (though windows usually doesn't
do much in the way of routing, so the 802.11 is mostly a client thing.)





---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com