There are issues with TLS & SSL, more details should be out like now or any day. I view wireless as a transport layer for my VPN or other tunnels.
On Wed, Feb 3, 2010 at 2:45 PM, Michael Miller <[email protected]>wrote: > If you can use TLS or SSL to talk to the server. I would recommend > doing that as well along with WPA-2. > > -mmiller > > On Tue, Feb 2, 2010 at 10:30 AM, Jody & Jennifer McCluggage > <[email protected]> wrote: > > Under the conditions that you describe (no radius, no enterprise gear, > > single user), I believe your best bet would be to implement WPA-2 > Personal. > > This setup requires a pre-shared key that is used by both sides. Under > most > > clients, after initial setup, the user does not need to know the > pre-shared > > key to use it (it is installed on the client), so make the pre-shared key > > wickedly long and complex (25+ random string). The biggest issues with > > pre-shared keys are that all systems must use the same one and they > usually > > must be manually updated (i.e. they are not changed on a regular basis). > > Since you are only implementing for one user, the first weakness is > > mitigated quite a bit. You can help mitigate the second one by creating > a > > very long and complex string and securely storing it (use something like > Kee > > Password safe, etc). Most of the tools out there currently attempt to > break > > WPA-2 Personal rely on a weak pre-shared key (i.e. most don’t directly > > attack the encryption or algorithm) so can usually be thwarted by using a > > strong key. > > > > > > > > I have not worked directly with OpenWRT but I assume that it supports > WPA-2 > > Personal? > > > > > > > > As for HIPAA, it does not proscribe specific steps on how to secure > wireless > > (the new updates in the ARRA HITECH does proscribe acceptable encryption. > > WPA-2 uses AES which should satisfy it). Its goal is to simply secure > > protected health information. It is organization’s job to determine the > > best way to do that and justify it through risk analysis and migration > > processes. So the bottom line is, whatever you decide to do, document > what > > you perceive the risk to be and how you went about mitigating it. > > > > > > > > Jody > > > > > > > > ________________________________ > > > > From: [email protected] > > [mailto:[email protected]] On Behalf Of Tyler > Robinson > > Sent: Monday, February 01, 2010 7:56 PM > > > > To: PaulDotCom Security Weekly Mailing List > > Subject: [Pauldotcom] Secure "Relative Term I guess" Wireless network > > withVPN > > > > > > > > Just wondering if anyone has had any experience configuring DDWRT or > OpenWRT > > to be HIPPA compliant across WIFI, I have a single user, single machine > > Medication cart that I need to be WIFI mobile but still HIPPA comliant > and > > of course the customer wants to spend the least amount of money so no > radius > > and no special enterprise WIFI Gear. Any advice is always appreciated. > > Thanks, > > TR > > > > -- > > Tyler Robinson > > Owner of Computer Impressions > > > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Tim Krabec Kracomp 772-597-2349 smbminute.com kracomp.blogspot.com www.kracomp.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
