Mailing List os2-wireless_users@2rosenthals.com Archived Message #4431

From: Orest Skrypuch <os2-wireless_users@2rosenthals.com> Full Headers
Undecoded message
Sender: os2-wireless_users-owner <os2-wireless_users-owner@2rosenthals.com>
Subject: [OS2Wireless] WPA - any OS/2 wireless PC
Date: Fri, 8 Aug 2003 01:45:35 EST5EDT4,M4.1,M10.5
To: os2-wireless_users@2rosenthals.com

Charles McCallister wrote:

Orest, After reviewing the Wi-Fi Alliance website, it appears that Texas
Instruments  is producing the new chip for inclusion on the mPCI Wi-Fi
adapters in our  machines (and possibly the WAP, too) such that if there is
no ability to  upgrade the drivers to utilize the newer 802.11i protocol in
place of the  present WEP encryption then we may be relegated to strictly
WEP encryption. I  suppose you might replace the static encryption key
every month or so to avoid  some of the problems of a static key. What do you think?
Chariles,

Better than nothing for sure.

Airsnort can decode WEP keys in a couple of days -- on a busy corporate net. On a quieter SOHO net, it might take much longer, but probably not a month -- if someone was really interested. This software is available for free in "plain sight" on the web.

Now if you hide ESSID names, and use MAC filtering on the router, you are somewhat safer still.

But I think I wouldn't care to trust it if file/print sharing was running on the circuit, in particular if you had any Windows machines on the LAN. Any of your sensitive internet browsing info will be protected by SSL or whatever.

WPA with TKID with rotating keys (set to change every so many bytes or every so many minutes) based on a single initial passphrase that is never itself sent in the clear and packet integrity checksums, even without the RADIUS server authentication available to large corporate sites, would make me feel a lot better.

Maybe I'm just too paranoid, I'm certainly no expert on this.

* Orest


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

To unsubscribe from this list, send a message to
steward@2rosenthals.com with the command
"unsubscribe os2-wireless_users" in the body
(omit the quotes).

For help with other commands, send a message
to steward@2rosenthals.com with the command
"help" in the body (omit the quotes).

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=




Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster