Besides the fact it's trivia to sniff and then spoof a MAC address AND someone using that same sniffer can crack the WEP after about 400,000 packets (Maybe less) -- if you are running everyone through an IPSEC tunnel over the air and have a set of firewalls between your 802.11b and your security domain, you should be fine as long as you change your key on the WEP every 200,000 packets or so.
This is definitely NOT something for sensitive data. And it can be sniffed with the right equipment from distances MUCH MUCH greater than it's operational distances. Use Google and look for 802.11b exploits. There are a bunch of papers out there, including ways to increase the sniffing distances with common, easy and cheap stuff. I use it at home for guests, but I can't think of a corporate setting that I'd volunteer to use it and, if forced, they'd have to sign a statement saying they understand the weaknesses and the extra man-hours necessary to support it. D. Weiss CCNA/MCSE/SSP2 -----Original Message----- From: Thomas Ullrich [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 04, 2001 3:58 PM To: Security-basics Subject: WLAN Hello everybody, we made positive experiences with a "3COM access point 6000", which works according to 802.11b. So far, I haven't heard any security doubts against this technology. The most important issue during configuration of a WLAN seems to be to allow only registered MAC addresses or WLAN cards to join the network. Are there any other points that should be considered when implementing wireless LANs? Thanks Thomas
