I don't usually contradict what somene says but when they're way off, I need to.
First off; WEP IS UNSECURE! It dosen't matter if it's 64 or 128 bit, they ar both just as easy to hack (air snort). Second, MAC address security isn't secure, as you can spoof them. Third, even if you can't pick up signal outside a building with a regualr card or AP, you acn use a directional or Yagi antenna to get the signal. Physical secutity worked for switches because you could truly hide them behing locked doors. With wireless you can't do the same thing. You are correct with the VPN, as it's the most secure way to protect the airwaves for a PC. Other tactics are LEAP, and the soon to be released PEAP (one-time password authentication), 802.1x and the basic SAFE stuff, especially the wireless SAFE. -- RFC 1149 Compliant. Get in my head: http://sar.dynu.com ""C restion"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi Rich, > > First thing to do is to trace the signal. I.e. what are the physical limits > of the RF. Special wireless tools (like the Sniffer Wireless) are available > to help you with this, but the software delivered with your Aironet can tell > you a lot as well. > If the signal stays within the building, 128-bits WEP and an access-control > list (i.e. which MAC-addresses are allowed and which not) should be > sufficient. > If the signal spreads to for example the car-park, additional security > measures are advisable. Depending on how much you're willing to spend, > several options are available. A firewall behind the AP, VPN-tunnels, etc. > are all expensive, but secure solutions. Again, which solution to go for > depends on your security needs and how much you're willing to spend. > > Hth, > Remmert Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44206&t=44152 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
