[9472] in cryptography@c2.net mail archive
Re: New encryption technology closes WLAN security loopholes
daemon@ATHENA.MIT.EDU (Bill Frantz)
Mon Sep 24 18:05:51 2001
Message-Id: <v03110705b7d5554df277@[165.247.220.34]>
In-Reply-To: <200109241936.PAA09289@bual.research.att.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Mon, 24 Sep 2001 14:26:23 -0700
To: ji@research.att.com, cryptography@wasabisystems.com
From: Bill Frantz <frantz@pwpconsult.com>
At 12:36 PM -0700 9/24/01, ji@research.att.com wrote:
>>While we are on the topic, it seems to me that the other implication
>>of 802.11 is that the Ethernet backbone in most offices can no longer
>>be considered secure.
>
>Given the number of people with laptops who bring them in and out of
>your average firewalled network, nothing can be considered secure. Or
>people spreading viruses, for that matter.
>
>/ji
>
>
>[Moderator's Note: To expand on John's point, many organizations were
>infected with Code Red by people plugging their laptops in to the
>corporate LAN after running them outside the LAN, or were infected via
>VPN tunnels from machines on the outside that were incorrectly not
>thought of as being part of the security perimeter. In the face of
>such attacks, firewalls can no longer stop worms or viruses from
>entering a firm. --Perry]
Or in other words, the first requirement for perimeter security is a perimeter.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
frantz@pwpconsult.com | fair use. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
