Replacing WEP with IPsec on OpenBSD, Windows XP

BSD Forums writes "WEP has been proven insecure and is thus inadequate for protecting a wireless network from eavesdropping or abuse. IPsec can be used as a replacement to WEP in the following scenarios. Joshua Stein has implemented IPsec on OpenBSD with manual keying between a router and a client as a replacement. Also, Thomas Walpuski describes in detail the configuration of an IPsec Host-to-Host connection between OpenBSD and Windows XP Professional with Authentication via X.509v3 Certificates."

No it doesn't

[democritus]

And even with you scenerio of a nosy neighbor, I hope you're using an SSL/HTTPS website, so your credit card number is secured through that interface.

Encrypting the physical layer is just silly. If you want your packets to stay private, use the appropriate encryption on proper level.

Re:If I SSH to everything, do I still need IPsec?

[benk0027]

IPSec or WEP doesn't just keep your traffic secure. It also helps ensure who can connect to your access point. So, probably, because it will help keep people from stealing bandwidth from you or finding unencrypted stuff you didn't want them seeing. It's basically to encrypt all traffic to and from the WAP - clients.