Hey List, I'll throw in 2 cents here. Yes, WEP does suck (i.e. it's easily crackable, requires manual keying/rekeying, etc.), though I use it at home and suggest it to others. Reason being is that traffic on home or even SOHO WLANs is typically fairly low, and WEP attacks depend on gathering lots of traffic and IV collisions. But, given time, your WEP key will be cracked. It's just faster if your WLAN generates a lot of traffic. As a note, I also use and suggest MAC filters for home users. I don't have any real assumptions of security with this setup, but any important data/traffic I'm working with is also encrypted w/ SSH, SSL, or IPSec (sometimes combinations).
Enterprises or decent size companies have a lot of other options even outside of WPA (which I don't beleive has been finalized yet). Typically, they rely on hw homogeneity (i.e. use Cisco) - 802.1x, LEAP. These solutions use stuff like user rather than device authentication, per packet keying, RADIUS, etc. They are pretty robust, and Cisco is typically what I would recommend (pricy but good). WPA is essentially going to be a standardization of a lot of these adhoc extensions that have been made to WLAN/WEP, etc. security (i.e. will work with non-cisco gear). WPA will be a huge improvement and will likely have plenty of support across vendors. As mentioned, Ben's suggestions of ssh/ipsec/ssl are also definite options for smaller networks, and are good practices in general. P.S. - any note about this Thursday's meeting? There was a note last week about the building being closed? I was going to try and make it this week. Later, J >WEP sucks anyway, if you want "good" encryption, >then use a (ha, patched) version of ipsec, ssh, >lsh, etc... If it takes a few more >minutes for someone to crack a 128-bit key than a >64-bit one, what's >the big deal, it is still in the realm of "easily >crackable". >I have heard that the latest wifi encryption >standard, from WPA is >it(?), is much better, but I'm not up on that. >Anyone? Is the >successor to WEP really better?? > >thanks, > > Ben B __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ EuG-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
