Re: [uug] Wireless Network

Tue, 06 Jan 2004 11:42:01 -0800

Good point. Although I think that using explicit MAC addresses is sufficient for most purposes, you're right. Setting up a VPN may require more effort to connect to the wireless network than many simple users can manage, but for real security it's necessary. However, if you are more concerned about making sure that your own transmissions when already connected to the network are secure, then just using a secure protocol is sufficient. This is where I fall. I'm not too concerned that my neighbors are going to steal wifi access from me, but I do block untrusted MAC addresses to my AP. But I _am_ concerned enough about people possibly sniffing my connection that I only send sensitive information over ssh or ssl.

Carl

On Jan 6, 2004, at 11:25 AM, Soren Harward wrote:

On Tue 06 Jan 2004 at 11:12:23, Carl Youngblood said:
WEP is not the answer. If you really want to lock down access to your
AP, only allow explicitly designated MAC addresses. If you really want
secure transmissions, make sure that any time you are sending sensitive
information, you are connected through SSL or using ssh. It's that
simple. 

Either that, or force wireless users to make a VPN connection into the
network.  This

a) allows you do use a decent encryption system
b) restricts use of the WLAN to users you want.  MAC addresses are easy
to spoof.

--
Soren Harward
[EMAIL PROTECTED]

____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list


Attachment: smime.p7s
Description: S/MIME cryptographic signature

____________________
BYU Unix Users Group 
http://uug.byu.edu/ 
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list

Reply via email to