On Nov 23, 2007 8:25 AM, Predrag Punosevac <[EMAIL PROTECTED]> wrote: > David wrote: > > Does anyone know if there is WPA support for OpenBSD being worked on? > > This would be nice. > > > > > There was a thread that I started a month ago unfortunately by > mis-spelling WPA as (wap). One of the answers was posted > I think by a developer who is currently working on WPA for OpenBSD. The > information was rather comprehensive and > I would just do harm by trying to repeat it. > > Best, > Predrag > > > David Newman wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On 11/22/07 1:55 PM, Christian Weisgerber wrote: > > > >>> David Newman <[EMAIL PROTECTED]> wrote: > >>> > >>> > >>>>>>>>> There is some layer-2 stuff that happens before layer-3 > >>>>>>>>> > > handshaking > > > >>>>>>>>> begins -- 802.11 association and deassociation, possibly layer-2 > >>>>>>>>> learning, and 802.1X authentication if that's used. IPSec will > >>>>>>>>> > > not and > > > >>>>>>>>> cannot secure any of this. > >>>>>>>>> > >>>>>>> Is there any need to secure that? In my local WLAN, you only > >>>>>>> > > have two > > > >>>>>>> ways of proceeding if you want internet access: a Tor router, or > >>>>>>> IPsec. > >>>>>>> > >>>>> Before either of those processes begin, I can associate like crazy to > >>>>> your access point. That would ensure you never get Internet > >>>>> > > access, even > > > >>>>> without my flinging a single IP packet at you. > >>>>> > >>> Duh. It's a *radio* network. Of course it can be DoS-ed. WEP > >>> doesn't change that. In fact, popular attacks against WEP generate > >>> massive L2 traffic. > >>> > >>> > > > > Yes. WPA is somewhat better (in that the better controller-based systems > > have rate controls). Other than being better than nothing on really old > > hardware, WEP is worthless. > > > > dn > > iD8DBQFHRk3LyPxGVjntI4IRApZlAJ44a3Um15XTftC6s7wlHXlWQOr/dwCg8ULI > > dZSlpbIowhsNSj3aqcCkoT8= > > =TjLE > > -----END PGP SIGNATURE----- > >
Reyk@ is working on WPA support in the 802.11 stack. They have added the wpa_supplicant port but it can not be used because it lacks some support in the stack. Any donations would probobly help. BR dunceor