Arnold G. Reinhold wrote:
>Thus there is a need for a short term remedy that can work with the
>existing standard.
Maybe the easiest short term remedy that does not require
any changes to hardware is the following:
* Put the wireless network outside your firewall
(or place a firewall between your wireless network and your
internal, security-sensitive network), and
* Use a VPN with strong end-to-end cryptographic authentication
and encryption (e.g., IPSEC or equivalent)
In short, don't trust the wireless devices to provide security
-- treat the wireless cards as a way of getting insecure access,
and then use an independent security mechanism.
- it's not the crypto Steve Bellovin
- 802.11 Wired Equivalent Privacy (WEP) attacks P.J. Ponder
- Re: 802.11 Wired Equivalent Privacy (WEP) atta... Eric Rescorla
- Re: 802.11 Wired Equivalent Privacy (WEP) atta... Derek Atkins
- Re: 802.11 Wired Equivalent Privacy (WEP) ... Arnold G. Reinhold
- Re: 802.11 Wired Equivalent Privacy (W... itojun
- Re: 802.11 Wired Equivalent Priva... Arnold G. Reinhold
- Re: 802.11 Wired Equivalent Privacy (W... R. A. Hettinga
- Re: 802.11 Wired Equivalent Privacy (W... David Wagner
- Re: 802.11 Wired Equivalent Priva... Don Davis
- Re: it's not the crypto Arnold G. Reinhold
- Re: it's not the crypto Dan Geer
- Re: it's not the crypto Barney Wolff
- Re: it's not the crypto Steven M. Bellovin
