Re: wirless connection security issues

["Jarrod Frates" <jfrates.ml () gmail com>]

On 7/31/06, Michael Krymson <krymson () gmail com> wrote:
> - turn on encryption, WEP is ok (yes, it is ok, read on), WPA is much
> better, WPA2 is what you really want if you can.
> - change your WEP password if you use WEP every month

WEP is *never* OK unless you have *absolutely* no other choice.  The
device in question here is a WPA54GL, and it can use WPA2.  I've
cracked WEP in 14 minutes -- and the known record is just about four
minutes -- using information available on a variety of sites.  One
download -- Backtrack Live CD -- and a wireless-capable computer would
have the network open in very short order -- and much faster than your
recommended monthly changeover.  Your presumption of keeping out only
casual users ignores the threat from youths who let curiosity get the
better of their judgement as well as those who would target such
locations as an easy spot from which to take other actions.


Jarrod

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------