[oclug]Wireless Internet Cafes
Ross Jordan
rjordan at student.math.uwaterloo.ca
Wed Nov 20 20:26:14 EST 2002
>
> Actually, privacy is not really an issue if correctly setup. With your
> favorite wireless lan manager (or XP's built in one) you should be able to
> isolate any connections to specific mac addresses. With IBM's version the
> communication is encrypted and mac loging is mandatory. Once they are input,
> the wlan is pretty secure.
Well, "pretty secure" for small values of pretty.
MAC filtering is nearly useless, as it is trivial to spoof someone
else's allowed MAC (and this can be determined through sniffing).
The standard encryption that comes with wireless networks is WEP.
WEP has been broken (64bit can be *fully* cracked in about 2hours,
128bit takes about 10hours). Even generally accepted encryption
techniques like ssl, ssh and even VPN are vulnerable to man in
the middle attacks at the WLAN management layer (see airjack).
-Ross
More information about the OCLUG
mailing list