David: Just a quick comment on your comment (see below) to Alex. I suspect that your model is based upon the same chipset as the WAP11, which only supports the 40 bit WEP standard (sometimes referred to as 64 bit WEP because 40 bit secret key + 20 bit initialization vector = 64 bit). Check to see if your Apple AirPort card is set to this algorithm and not the 128 bit WEP algorithm. The Apple card must also be able to take the 4 WEP key settings that were generated by the passphrase you select for the wireless access unit.
Respectfully yours; Marc Mandel At 02:58 PM 05/23/2002 -0400, David R. Matusiak wrote: >i recently purchased a WAP from linksys (Model# BEFW11S4) and have been >quite happy with its performance. configurability, however, is not so >snazzy. i want to be able to block ALL MAC addresses except my one >wireless card. it does NOT offer this feature. you can only put a MAC in a >"blocked list" once it has already shown up on your network. this is my >main complaint with this product. you can find more info at: ><http://www.linksys.com/Products/product.asp?grid=23&prid=173> > >beyond that, it has easy HTTP setup, offers a DMZ option for one host, and >can do a "fair amount" of packet filtering. i like the 4-port hub >built-in (not to mention the freedom of wireless). it offers 40/56bit and >128bit encryption, however, i could not get either to work with an apple >airport card. so, basically i just turn off 802.11b when i am not using >it. i can attest to the stability of this unit as it has not faltered in >over two months of service. > >regarding your comments about stateful firewalling and the like, i would >advise one not to rely on such flimsy measures (well, if security is a >primary concern) in these consumer grade devices. if you need real >security, i would instead recommend that you pass your traffic thru a more >robust and customizable firewall (ipfilter, checkpoint, nokia, it all >depends on $$$ available), segment your WAP on an internal leg of the >network where it will not be left to public scrutiny. > >we've already heard enough about how all WAP WEP (40bit, 128bit, you name >it) is weak and fallible. so, you are better off securing your >infrastructure instead of relying on a consumer WAP device. it all depends >on how secure your environment needs to be, however. > >looks like that SMC unit you found is a good one. now i'm wishing i had >one that would block all MACs out of the box. best of luck with your >research! (more net/sec links at URL below) _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
