Re: Current state of security features


From: Hans Freitag (macrotron_at_president.eu.org)
Date: 2002-03-07 08:36:25 UTC



Hi,

On Thu, Mar 07, 2002 at 11:47:04AM +1100, Saliya Wimalaratne wrote:

> Because of the inherent weaknesses in WEP and MAC-based
> authentication; probably the best thing you can do is (on your Linux
> box) is setup a VPN server (i.e. FreeS/WAN for Linux clients and MS-PPTP
> for Windows clients) and only permit access to the 'outside' via the VPN.

Cipe is a possibility, too. pptp is not encrypted as far as i know.

> If you enforce high-strength crypto for the VPN people *may* still be able
> to associate with your AP but they will not be able to get at other
> people's traffic nor get to the 'outside'.

Maybe it's possible to program an encryption similar to wep, but with "real" security with in the HostAP driver. This may not be useable with other, of course, but it could work within a Linux HostAP environment.

Request for Comments! ;-)

bye

-- 
May the Source be with you!


This archive was generated by hypermail 2.1.4.