On Mon, Feb 11, 2002 at 08:13:22PM -0800, David Talkington wrote:
: Chad and Doria Skinner wrote:
:
: >1. Setup DHCP to only assign IPs to specific MAC Addresses
:
: Wrong already. MAC addresses are under client control. You can
: assign a different one to your network card with ifconfig (if the
: driver can handle that). Try it. :-)
Now before you immediately discount that, remember that a would-be
attacker would need to know the MAC address of an *authorized* client.
Any by the way - MAC addresses aren't always under the control of the user
when we're talking about WLAN cards.
It's not what I'd call great security, but it's definitely a part of
a reasonable WLAN security plan. That, coupled with strong authentication,
strong encryption (i.e. NOT WEP!) and physical separation from the wired
LAN would result in a good policy.
Remember, wired LAN jacks aren't magically secure either. How many times
do you see sites that just have jacks all over the place patched in? All
the time! Ok, so I want to infiltrate your building. No problem, I'll get
a job on your cleaning staff, or with the company that cleans your building.
That gives me nearly open access during off-hours. I'd plant a laptop
on your network. Or, how about instead, I plant a wireless access point?
Now I'll hack you from your parking lot.
Properly deployed, WLAN can be just as secure, or MORE secure than wired
LAN technology.
--
Jason Costomiris <>< | Technologist, geek, human.
jcostom {at} jasons {dot} org | http://www.jasons.org/
Quidquid latine dictum sit, altum viditur.
My account, My opinions.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
