|
"802.11 wireless issues listserv" <[email protected]> on Thursday, November 17, 2005 at 8:54 AM -0600 wrote: We are looking to implement a new wireless administrative network. In the past this administrative network was locked by static MAC addresses and a WEP key. I was wondering how different universities are handling this issue. (ex. WPA, static MAC addresses, 802.1x, etc.) This network will only be used by our IT staff, and the network has access to all university resources, based on firewall rules. Thanks for your help. Create a separate vlan. Put the admin team SSID on that new vlan. Use WPA or WPA2 encryption and you should be pretty secure. WPA2 you will want a radius server to use some of the EAP stuff but you can get by without one with WPA-PSK. Also setup your dhcp server to hand out ip addresses to that vlan. Then trunk all the connections that you want that vlan to have access too. Static MACs can be spoofed very easy, especially if you are only using WEP. Laptop with ethereal can break WEP encryption and find a valid MAC to use in less than an hour. There are even ways to make a access point send out tons of data, which allows the hacker to capture more packets in less time, which allows the WEP key to be discovered even quicker. Justin Dover Harpeth Hall School 615-346-0082 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. |
- Aruba vs. Meru wireless Matt Marmet
- [WIRELESS-LAN] Administrative Wireless Network morgenroth
- Re: [WIRELESS-LAN] Administrative Wireless Network Justin Dover
