Arnold G. Reinhold wrote: >Thus there is a need for a short term remedy that can work with the >existing standard. Maybe the easiest short term remedy that does not require any changes to hardware is the following: * Put the wireless network outside your firewall (or place a firewall between your wireless network and your internal, security-sensitive network), and * Use a VPN with strong end-to-end cryptographic authentication and encryption (e.g., IPSEC or equivalent) In short, don't trust the wireless devices to provide security -- treat the wireless cards as a way of getting insecure access, and then use an independent security mechanism.
- it's not the crypto Steve Bellovin
- 802.11 Wired Equivalent Privacy (WEP) attacks P.J. Ponder
- Re: 802.11 Wired Equivalent Privacy (WEP) atta... Eric Rescorla
- Re: 802.11 Wired Equivalent Privacy (WEP) atta... Derek Atkins
- Re: 802.11 Wired Equivalent Privacy (WEP) ... Arnold G. Reinhold
- Re: 802.11 Wired Equivalent Privacy (W... itojun
- Re: 802.11 Wired Equivalent Priva... Arnold G. Reinhold
- Re: 802.11 Wired Equivalent Privacy (W... R. A. Hettinga
- Re: 802.11 Wired Equivalent Privacy (W... David Wagner
- Re: 802.11 Wired Equivalent Priva... Don Davis
- Re: it's not the crypto Arnold G. Reinhold
- Re: it's not the crypto Dan Geer
- Re: it's not the crypto Barney Wolff
- Re: it's not the crypto Steven M. Bellovin