On Tue, 16 Jul 2002, Rick Doten wrote:
> Excellent point Jeff, many enterprises are realizing the risk of that
> "network jack in the wall" that connects to their internal network.
>
> There are 3 different classes of products to identify rogue access points:
> over the wire, wireless ad hoc, and wireless enterprise.

Just like TCP was designed to do end-to-end acknowledgement, because the
network in between might contain nodes that drop packets on the floor,
encryption and AAA (authentication etc) need to be done end-to-end.  Once
this application-level habit is in place (you always use SSH, never
telnet, always HTTPS, never plain HTTP, etc.) you can stop worrying if the
access points or other components of the intermediary network are
"reliable", "safe", "rogue" or something else, and start to focus on the
end-to-end aspects of your communication needs.

Telnet is dead, of course.  Virtually nobody uses telnet anymore.  But the
majority of websites still use unencrypted HTTP (hey, for what reason?).
Most SMTP traffic is unencrypted.  Maybe IPsec is the solution?  I don't
know.

TCP's end-to-end acknowledgement wasn't the only choice at the time.  X.25
and plenty of other communication protocols for "virtual circuits" used
acknowledgement and packet retransmission on a lower, link-to-link level.
It took well over a decade to kill off non-end-to-end acknowledgement.


-- 
  Lars Aronsson ([EMAIL PROTECTED])
  tel +46-70-7891609
  http://aronsson.se/  http://elektrosmog.nu/  http://susning.nu/

--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
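
The end-to-end principle argued in the message above, as an added example that is not part of the original post: two endpoints share a key, tag every frame with HMAC-SHA256, and retransmit until a frame verifies, so a hop that drops or alters traffic is detected without ever being trusted. The key, the function names and the misbehaving hop are constructed for illustration; the sketch covers integrity and retransmission only, not confidentiality.

```python
import hashlib
import hmac
import os

KEY = os.urandom(32)   # constructed: secret known to the two endpoints only
TAG_LEN = 32           # HMAC-SHA256 output size in bytes


def seal(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender endpoint: prefix a 4-byte sequence number, append an HMAC tag."""
    body = seq.to_bytes(4, "big") + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


def open_frame(frame: bytes, key: bytes = KEY):
    """Receiver endpoint: return (seq, payload), or None if the tag fails."""
    if len(frame) < 4 + TAG_LEN:
        return None
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return int.from_bytes(body[:4], "big"), body[4:]


def untrusted_hop(frame: bytes, attempt: int):
    """Constructed intermediary: drops try 0, alters try 1, then forwards."""
    if attempt == 0:
        return None                                   # dropped on the floor
    if attempt == 1:
        return frame[:4] + bytes([frame[4] ^ 0x01]) + frame[5:]  # one bit flipped
    return frame


def deliver(seq: int, payload: bytes, hop=untrusted_hop, max_tries: int = 5):
    """Retransmit until the receiver verifies; return (payload, tries used)."""
    for attempt in range(max_tries):
        frame = hop(seal(seq, payload), attempt)
        result = open_frame(frame) if frame is not None else None
        if result is not None and result[0] == seq:   # verified end to end
            return result[1], attempt + 1
    raise TimeoutError("no verified delivery within max_tries")


if __name__ == "__main__":
    print(deliver(7, b"hello"))
```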
