Exploiting and Protecting 802.11b Networks 168
iforgotmyfirstlogon writes: "A couple of guys from Extreme Tech drove around New York, New Jersey, Boston, and Silicon Valley with a high gain antenna to see how many (secure and) unsecure wireless networks they could tap into. They used NetStumbler and Linux AirSnort to help them search. Results? They came across over 800 networks and less than 40% had any sort of security."
802.11b Insecurities (Score:1, Informative)
So put it outside the firewall. (Score:4, Informative)
Hear hear.
So the thing to do is to put the wireless LAN port on the logical OUTSIDE of your firewall and let the laptops all tunnel in through it. Your firewall can also filter connections between the WLAN and your net feed.
For the open net your users can also encrypted-tunnel to the tunnel server and go out from there, to avoid eavesdroppers. With this configuration there's no reason to bother with WEP.
Go ahead and route packets between the net and the wireless port if you're feeling altruistic, or restrict WLAN connections to the tunnel server(s) if you're not.
Re:Any How-to Doc on how to secure your wireless L (Score:2, Informative)
http://www.extremetech.com/article/0,3396,apn%2
There are no Secure 802.11 networks... (Score:3, Informative)
All it takes is time and traffic.
Of course, it still amazes me that so few had even the most basic levels of security installed.
Then again, most of the managers I have worked for seem to think that if you take steps to protect yourself, you become liable if you get hacked. (Yes, I know that makes no sense. Never stopped them...)
There's already a solution -- 802.1x (Score:1, Informative)
Using 802.1x, a computer/user must authenticate to the access point through standard RADIUS/EAP mechanisms (e.g., smart card, certificate, MD5-based challenge response, etc.). If you are unable to authenticate, the access point (or wired Ethernet switch, for that matter -- this isn't 802.11b specific) will refuse to forward any of your packets to the network.
There are also provisions in 802.1x to have the access point authenticate to the client, in order to prevent man-in-the-middle attacks, among other things.
Furthermore, 802.1x provides means to give each user a different WEP key, and to cycle those keys at various intervals. This greatly reduces the exploitability of the cryptographic flaws in WEP. (These flaws should still be addressed, though.)
Finally, 802.1x is already available today, in Windows XP.