From: "R. Simkins" <[EMAIL PROTECTED]> To: "WLAN list" <[EMAIL PROTECTED]> Subject: [BAWUG] WLAN open access Date: Tue, 25 Mar 2003 19:58:20 -0000
If a university implemented no WEP and no authentication for wireless users (open 2 all). Would relying on the NT passwords not being sniffed be an amazingly daft thing to do?
Staff would use VPN, student losers get no security unless they go to admin services and request it. Then they get VPN software too.
This would be in an attempt to reduce overhead. It is safe to say that if a
hacker wanted into the uni network, the physical restrictions on cables and
access ports are not sufficient to stop wired network hacking. Plus the fact
that hacking student accounts is not big business, maybe staff or mainframe,
but VPN will encrypt/secure that.
To anyone who specialises in network design/security, what do you think of this security method?
If your Windows machines are using LM or NTLM you should reconsider. If your machines are using NTLMv2 or Kerberos with strong passwords, you should be ok, assuming you are not sending LM hashes with the NTLMv2 traffic.
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
-- general wireless list, a bawug thing <http://www.bawug.org/> [un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
