(keitai-l) 802.11b security [was: VoIP blah blah]

From: Benjamin Kowarsch <benjk_at_mac.com>
Date: 08/15/01
Message-Id: <[email protected][]>
>* The security of 802.11b is pretty much easy to hack
>   and the best is: You don't need a physical connection
>   to the network.

Where did you get that from ?

I don't know what kind of base station you are referring to but it is 
very easy to make 802.11b very secure by just checking a few tick 
boxes, for example on my Airport at home I checked ...

1) closed network

this means that the network's name is never advertised.

2) WEP encryption

this means nothing is sent unencrypted. BTW 802.11b uses DSSS, 
(Direct sequence spread spectrum), which was originally developed for 
secure military applications and if we would discuss 3G and security 
here you would probably explain to me how secure 3G is because of 

3) access control

where I enter the ethernet hardware address of the WiFi cards I allow 
to access my network.

also you can set your base station to only accept admin sessions from 
a non-wireless client.

These security features are very easy to use (just check the tick 
box). If people don't use them, then that is not to say that the 
technology is insecure.

GSM for example is designed to always authenticate a mobile phone 
when it signs on to a network, and the security is pretty good. 
However, many networks switch this off for roamers and reuse the 
challenge once the phone has been authenticated once in order to 
minimise SS7 traffic with the home network. This has led to fraud as 
it is easy to capture the reused challenge over the air. This is bad 
practise on the side of the networks - not a security flaw of GSM - a 
bandwidth inefficiency flaw perhaps but not a security flaw.

Same goes for 802.11b. If people don't use the features - it's bad 
practice. Eventually they will get hurt and learn to switch those 
features on. The technology however is very secure.

>Ok, it's not as easy, but it's possible. The few times I was
>involved with wireless networks, the person who set it up
>made major mistakes and it was accessible for everybody.

That's what happens if Nintendo kids are allowed to call themselves 
IT professionals. Not that it is that difficult to check three tick 
boxes - but it is probably too difficult to read the manual ;-)

If you had someone setup that base station who hasn't got any 
experience, the chance is that they would have first read the manual, 
where it says "If you do not check this box then everybody will have 
access to your network" and they would have naturally checked the 
tick box.

>Anyway, I am hungry now and follow Curt to MosBurger (not).

buon appetito!


[ Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/ ]
Received on Wed Aug 15 16:01:38 2001