[8594] in cryptography@c2.net mail archive
Re: 802.11 Wired Equivalent Privacy (WEP) attacks
daemon@ATHENA.MIT.EDU (David Wagner)
Tue Feb 13 20:34:35 2001
To: cryptography@c2.net
From: daw@mozart.cs.berkeley.edu (David Wagner)
Date: 10 Feb 2001 05:23:55 GMT
Message-ID: <962j9b$bd5$1@abraham.cs.berkeley.edu>
Reply-To: daw@cs.berkeley.edu (David Wagner)
Arnold G. Reinhold wrote:
>Thus there is a need for a short term remedy that can work with the
>existing standard.
Maybe the easiest short term remedy that does not require
any changes to hardware is the following:
* Put the wireless network outside your firewall
(or place a firewall between your wireless network and your
internal, security-sensitive network), and
* Use a VPN with strong end-to-end cryptographic authentication
and encryption (e.g., IPSEC or equivalent)
In short, don't trust the wireless devices to provide security
-- treat the wireless cards as a way of getting insecure access,
and then use an independent security mechanism.
