X-UIDL: 25 X-Mozilla-Keys: Return-Path: os2-wireless_users-owner@2rosenthals.com Received: from mail.2rosenthals.com (localhost [127.0.0.1] ) by mail.2rosenthals.com (Hethmon Brothers Smtpd) ; Fri, 8 Aug 2003 01:45:36 -0500 Received: from mail1.no-ip.com (goodyear.vitalwerks.com [64.156.198.155] ) by mail.2rosenthals.com (Hethmon Brothers Smtpd) ; Fri, 8 Aug 2003 01:45:34 -0500 X-Envelope-To: Received: (qmail 17677 invoked by uid 89); 8 Aug 2003 05:45:23 -0000 Received: from unknown (HELO fep04-mail.bloor.is.net.cable.rogers.com) (66.185.86.74) by mail1.no-ip.com with SMTP; 8 Aug 2003 05:45:23 -0000 Received: from rogers.com ([65.48.33.30]) by fep04-mail.bloor.is.net.cable.rogers.com (InterMail vM.5.01.05.12 201-253-122-126-112-20020820) with ESMTP id <20030808054439.CHFH392870.fep04-mail.bloor.is.net.cable.rogers.com@rogers.com> for ; Fri, 8 Aug 2003 01:44:39 -0400 Message-ID: <3F3338FD.2070304@rogers.com> User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.4) Gecko/20030624 X-Accept-Language: en-us, en MIME-Version: 1.0 References: <200308072326_MC3-1-467A-D3FB@compuserve.com> In-Reply-To: <200308072326_MC3-1-467A-D3FB@compuserve.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH PLAIN at fep04-mail.bloor.is.net.cable.rogers.com from [65.48.33.30] using ID at Fri, 8 Aug 2003 01:44:39 -0400 Date: Fri, 8 Aug 2003 01:45:35 EST5EDT4,M4.1,M10.5 X-OldDate: Fri, 08 Aug 2003 01:45:33 -0400 Sender: os2-wireless_users-owner X-Listname: os2-wireless_users@2rosenthals.com Reply-To: os2-wireless_users@2rosenthals.com From: Orest Skrypuch To: os2-wireless_users@2rosenthals.com Subject: [OS2Wireless] WPA - any OS/2 wireless PC X-List-Unsubscribe: Send email to mailusers-request@2rosenthals.com X-List-Owner: mailusers-owner@2rosenthals.com Charles McCallister wrote: >Orest, > >After reviewing the Wi-Fi Alliance website, it appears that Texas >Instruments is producing the new chip for inclusion on the mPCI Wi-Fi >adapters in our machines (and possibly the WAP, too) such that if there is >no ability to upgrade the drivers to utilize the newer 802.11i protocol in >place of the present WEP encryption then we may be relegated to strictly >WEP encryption. I suppose you might replace the static encryption key >every month or so to avoid some of the problems of a static key. > >What do you think? > > > > Chariles, Better than nothing for sure. Airsnort can decode WEP keys in a couple of days -- on a busy corporate net. On a quieter SOHO net, it might take much longer, but probably not a month -- if someone was really interested. This software is available for free in "plain sight" on the web. Now if you hide ESSID names, and use MAC filtering on the router, you are somewhat safer still. But I think I wouldn't care to trust it if file/print sharing was running on the circuit, in particular if you had any Windows machines on the LAN. Any of your sensitive internet browsing info will be protected by SSL or whatever. WPA with TKID with rotating keys (set to change every so many bytes or every so many minutes) based on a single initial passphrase that is never itself sent in the clear and packet integrity checksums, even without the RADIUS server authentication available to large corporate sites, would make me feel a lot better. Maybe I'm just too paranoid, I'm certainly no expert on this. * Orest =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= To unsubscribe from this list, send a message to steward@2rosenthals.com with the command "unsubscribe os2-wireless_users" in the body (omit the quotes). For help with other commands, send a message to steward@2rosenthals.com with the command "help" in the body (omit the quotes). =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=