BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Wireless ethernet?

Subject: Wireless ethernet?
From: warlord at MIT.EDU (Derek Atkins)
Date: 13 Aug 2001 10:30:38 -0400
In-reply-to: David Kramer's message of "Mon, 13 Aug 2001 10:19:11 -0400 (EDT)"
References: <Pine.LNX.4.33.0108131016570.28199-100000@kramer.ne.mediaone.net>

No, WEP does no such thing.   Consider that your whole system, and
all users, have to share a single WEP key...    No, there is
no authentication.  And yes, WEP _DOES_ encrypt the on-the-airwaves
data, but does so in a broken way that allows someone to derive
your actual WEP key.  Once I have your WEP key, I'm on your wireless
network....  This implies that it's safer to not trust your wireless
network in the first place.

In other words, keep your wireless network "open" and use real
encryption/authentication technologies to let users access your
network services.

-derek

David Kramer <david at thekramers.net> writes:

> On 13 Aug 2001, Derek Atkins wrote:
> 
> > Don't use WEP.. It's broken, completely.  If I can _hear_ your
> > base station I can break your keys in a matter of minutes (well,
> > after I 'hear' a few million packets, but that only takes an hour
> > or so on a busy LAN).
> >
> > WEP is broken.  You might as well keep it off and just use IPsec
> > and ssh.
> 
> I'm more-than-new to this (I have ordered, but not received, my wireless
> gear), but isn't the purpose of WEP to authenticate the client, not
> encrypt the connection?  I can't vouch for how crackable WEP is, but using
> ssh over wireless does not help authenticate the client, so it's not
> really a substitute.
> 
> -------------------------------------------------------------------
> DDDD   David Kramer                   http://thekramers.net
> DK KD  "If I asked you where we were," said Arthur weakly, "would I
> DKK D  regret it?"  Ford stood up.  "We're safe," he said.  "We are
> DK KD  in a small galley cabin," said Ford,  in one of those
> DDDD   spaceships of the Vogon Construction Fleet."  "Ah." said
>        Arthur, "this is obviously some strange usage of the word
>        _safe_ that I wasn't previously aware of."
>                  Douglas Adams, "Hitchhiker's Guide to the Galaxy".
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).

Follow-Ups:
- Wireless ethernet?
  - From: mike at bilow.com (Michael Bilow)

References:
- Wireless ethernet?
  - From: david at thekramers.net (David Kramer)

Prev by Date: AT&T cablemodem port blockage survey
Next by Date: Wireless LAN security (fwd)
Previous by thread: Wireless ethernet?
Next by thread: Wireless ethernet?
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org