Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Year 2003 in Wireless Network Security

Posted by CowboyNeal on from the hindsight-being-what-it-is dept.

OenMarK writes "I ran into an article that is basically an overview of events, software releases, and happenings related to wireless security. There's also a Q&A with some wireless security experts, one of which is from IBM. What's your take on wireless security? Are we there yet?" This is the same site that also hosts the look back at Linux security we posted earlier. They complement each other well.

4 of 66 comments (clear)

  1. Not a very informative article. by plover · · Score: 4, Insightful
    I would much rather more information about attacks and their severity.

    A study of honeypot projects that showed most wi-fi abuse was "bandwidth stealing" doesn't exactly fill me with a sense of dread. More useful would have been a list of attempts hackers sitting outside of unsecured businesses trying to get at the corporate data.

    Or are they trying to lull potential customers into a false sense of security?

    --
    John
  2. VPN... by craenor · · Score: 4, Informative

    Just have your wireless devices set to a DMZ that opens to one page, a VPN portal. Then you have a wireless connection, with VPN providing your security. Voila...a little bit more cumbersome, but isn't your network integrity worth it?

  3. Easy Setup and Mantainance of Security is Key! by dduardo · · Score: 5, Insightful

    On Linksys' site they have 7 things people should do to keep their wireless network safe:

    1. Change the default SSID.
    2. Disable SSID Broadcasts.
    3. Change the default password for the Administrator account.
    4. Enable MAC Address Filtering.
    5. Change the SSID periodically.
    6. Enable WEP 128-bit Encryption. Please note that this will reduce your network performance.
    7. Change the WEP encryption keys periodically.

    Now your telling me average joe (or administrator) is going to preform all these tasks, and remember to regularly change the WEP encryption keys. This is a problem, and until security setup and mantainance is automated and/or easy enough for the everyday folk, there is going to be a continual growth of attacks on these type of networks.

    ------------

  4. Are we there yet? by TechyImmigrant · · Score: 4, Interesting

    Are we there yet? Lets see..

    1) 802.11i is still not yet approved as a standard
    2) WPA (the impetuously released TKIP variant) is not widely available and like 802.11i relies on 802.1X.
    3) 802.1X has been withdrawn by the IEEE pending a re-write. Its broken for wireless. Don't expect to see the revision any time soon.
    4) No semblance of a seamless, inter operator, inter hotspot, non web-pagey user authentication scheme for mobile devices is widely deployed for 802.11.
    5) Other wireless networks that are deployed are insecure (E.G. GSM)

    I think maybe there's a way to go yet.

    --
    Evil people are out to get you.