a little over a year ago, o'rielly came with this article regarding this issue or similar:
http://www.oreillynet.com/pub/a/wireless/2001/02/23/wep.html most people i have come across are only concerned about the data being secure from the wireless nic to the access point. and as most folks who have been in networking for a spell know: you do not trust the network to secure your data. does anyone remember all the whooplah when cable modems and dsl first arrived on the scene? your neighbor was on the "local area network" with you (thus, could do a netbios share of a not-so-secure windows hard drive). now, most have this netbios turned off or have a router, that may also serve as a firewall. it is a bit odd that people are most concerned about the wireless piece of securing their data. are they no longer concerned about who is sharing the "wireless" local area network with them? how many have personal firewalls installed on their windows laptops? there may be lots of folks out there running them. but has anyone correlated this peice of the network security to the days of your neighbor browsing your hard drive in the early days of cable modems? so, now it can be a person across the street, not your neighbor, with a directional antenna sharing the (wireless) local area network with you. i hope folks start to pay attention to this aspect of wireless security as well. additionally, securing their data from an end-to-end perspective may also be the best thing to do with the use of a vpn--or a tunnel, for the services like imap, pop, smtp, etc. they wish to protect. the article above addresses setting up a tunnel with securecrt under windows. that is one program under windows that one may use. another is setting up secure tunnels with putty. i did this with a friend's windows 2k laptop for smtp and pop3 access over to her account on my freebsd server, many moons ago, and it worked like a champ! for those of us running *nix, setting up these tunnels is fairly straight forward from the man pages or from o'reilly's book on ssh: http://www.oreilly.com/catalog/sshtdg/ i am sure there are many more folks out there with more knowledge about network security and encryption than i. please feel free to chime in, point out something i missed, or correct me. this is an interesting topic these days, and i hope that all aspects of wireless security are covered including the securing of data from end-to-end. regards, ian ---------------------------------------------------------------------- Ian Fink [EMAIL PROTECTED] The guru is the one who slides the pins out of the hinges on a locked, lost key door after the 'team' is lying on the floor with concussions from trying to break it down. -- anonymous -- general wireless list, a bawug thing <http://www.bawug.org/> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
