Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fixing Wireless Security By Pulling The Plug

Posted by timothy on from the security-through-snippers dept.

An anonymous reader writes "It seems as though the Japanese government is paying attention to some security concerns of wireless networks, and rather than addressing the problem, taking a more aggressive but perhaps not as thorough approach to the issue at hand. Not very technical, but at least its good to see governments actually doing something about it."

7 of 133 comments (clear)

  1. Maybe not the most thorough approach... by xactoguy · · Score: 2, Insightful

    But it is one the most secure ones. Any network can be hacked, and all it takes is time, as long as you have access to the network. Now that there is no access to a wireless LAN, they have solved their problem, unless they are worried about people who already have access to computers on the network.

    --


    And so we go, on with our lives
    We know the truth, but prefer lies
    Lies are simple, simple is bliss
    1. Re:Maybe not the most thorough approach... by Hormonal · · Score: 2, Insightful
      I agree, although if they're paranoid enough to kill the WAP (I certainly would), maybe they should be reissuing passwords, in case anyone happened to grab them during their time of vulnerability.

      I scares me shitless to think that there have been successful wardriving sessions in the Washington, D.C. area.

  2. O'Reilly book? by masonbrown · · Score: 3, Insightful

    Has anyone read the new O'Reilly book on securing 802.11b networks? Does it offer any cross-platform, cross-vendor solutions to general 802.11b insecurity?

  3. They did the right thing by humina · · Score: 3, Insightful

    You can get into a wireless network from VERY far away with the right antennas and equipment. Sensitive data should stay as far away from wireless as possible. The Japanese government did the right thing in pulling the plug. Most companies would just try to use the wireless network anyhow cause they already spent the money on the equipment. Wireless has it's uses. They just do not include sensitive networks.

    --
    check out the best blog ever:
    http://oehlberg.com
  4. I do contract work with casinos by JeanBaptiste · · Score: 4, Insightful

    Casinos and nuclear power plants. Anything that is remotely sensitive is kept off of any network that eventually attaches to the internet. Firewalls, DMZs, encryption, all this stuff is great, but if its really important, no outside connections are the only way to go.

    so, I agree with Japan on that. and on the ps2.

  5. Re:Security is in the eyes of the beholder.(or adm by spanky1 · · Score: 2, Insightful

    If they would just reject all unknown mac addresses and accept from a known list WITH the added benifit of encypting all the traffic there would be NOTHING to worry about.

    A little too confident here? WEP encryption is flawed and hackable without too much effort. MAC addresses can be spoofed pretty easily.

    Wireless is very tempting, but it should be considered a "public" network. Run all of your traffic through encrypted IPSec tunnels.

  6. IPSEC by mfarver · · Score: 3, Insightful

    The real problem is organizations grip tightly to the idea that physical security exists.

    The truth is that its only slighty harder for a attacker to get a physical connection to your network than for that same hacker to sit in your parking lot and wirelessly surf.

    But, wait, we have id badges, and a security gurd at the door, no one can get to our cables: I once worked with a guy who was paid to do penetration testing, he spent a week wandering around inside the corporate headquarters, until the company IT director declared his attacks unsuccessful (they had no firewall logs of his intrusions, so he must have not got in.) The IT director was displeased with the final report, showing all the data he had accessed (some from the consoles of the "secure" machines) and with the CEO who had agreed that the testing included physical site security.

    It becomes even easier when you accept that the vast majority of intrusions come from inside the company, from people who already likely have access to the network.

    Sending confidential data in the clear on a wired or wireless network is not a good idea, period.