Re: airport / pcmcia ?

To: debian-powerpc@lists.debian.org
Subject: Re: airport / pcmcia ?
From: Andrew Sharp <andy@netfall.com>
Date: Fri, 24 Aug 2001 00:35:08 -0700
Message-id: <[🔎] 3B8603AC.43896AD2@netfall.com>
References: <[🔎] 200108240617.IAA00798@piglet.grunz.lu>

Michel Lanners wrote:
> 
> Hi all,
> 
> On  20 Aug, this message from Andrew Sharp echoed through cyberspace:
> > Colin Walters wrote:
> >>
> >> Michael Flaig <mflaig@uni.de> writes:
> >>
> >> > Well ... no encryption is bad :-( Everyone with a laptop in front of
> >> > my door could sniff my network, or isn´t it so easy ?
> >>
> >> As I understand it, WEP is bad becuase the key size is far too small.
> 
> No, it is mostly because it is implemented _wrong_. There are a few
> drawbacks in the potocol spec, that is what makes WEP a joke.
> 
> Have a look here:
> 
> http://slashdot.org/article.pl?sid=01/08/09/1758200&mode=thread
> http://www.cs.rice.edu/~astubble/wep_attack.pdf
> http://slashdot.org/article.pl?sid=01/07/27/1734259&mode=nested

Boy.

> >> This means an attacker would only have to make a slight amount of
> >> effort to break the encryption through brute force.
> 
> Not brute force (well not really... it's not about trying every possible
> key one after the other), but simply by listening to wireless traffic,
> and extracting information out of it as it goes by.... Have a look here
> for tools that do the crack for you:
> 
> http://airsnort.sourceforge.net/
> http://sourceforge.net/projects/wepick
> 
> > Which is better than no encryption, hello.
> 
> Right. WEP still prevents casual sniffing, and easy wireless net
> hijacking. However, your neighbour in the apartment next to you could
> still _easily_ crack your net in no time.

Actually, I was gonna set all my neighbors up on the network.  ~:^) 
See consume.net and also
http://www.thestandard.com/article/0,1902,23672,00.html for
details.  The open source model comes to network infrastructure!

> > Also, the key size is
> > not fixed but only depends on how you set it up.  A key size of 40
> > bits prevents casual sniffing of your "conversations" while not
> > adding significant cost to the parts.  A key size of 128 bits
> > prevents any timely cracking of your network traffic,
> 
> No, that is not true anymore, as has been pointed out.
> 
> I'd suggest these steps to secure an 802.11 network (in increasing
> efficiency):
> 
> - use hard-to-guess network names
> - use WEP
> - use MAC-based access-control
> 
> these three should really be the base line
> 
> - use application-level encryption or a strongly encrypted tunnel

Got it.  Now if I can just get ppp to work on my 8500....

a

Reply to:

References:
- Re: airport / pcmcia ?
  - From: Michel Lanners <mlan@cpu.lu>

Prev by Date: PPP (was: Xpmac on Powerbook 1400c)
Next by Date: adbmouse
Previous by thread: Re: airport / pcmcia ?
Next by thread: Re: airport / pcmcia ?
Index(es):
- Date
- Thread