Full Disclosure mailing list archives

RE: Wireless Security

From: "Simon Hailstone" <Simon.Hailstone () orthogonsystems com>
Date: Fri, 28 Nov 2003 15:23:25 -0000

wireless being used for meeting rooms etc, so the users would be
random which would mean the constant addition / removal of MACs
to the AP which would probably not be possible or practical all
of the time.   Although policy could dictate that when a wireless
card is given out, the MAC address in added to the AP, however if
you have multiple APs in different areas of building, being
administered by different IT depts then this could soon become be
a problem.



One way around to ease the management burden in this kind of setup
is to have your AP's communicate with either central or distributed
RADIUS servers, in order to determine if specific MAC addresses should
be allowed to associate with the AP.

Actually I'm not sure if you can do this with the Cisco 802.11b kit,
however it is certainly possible with many other vendor's kit.

There is a white paper on this at :

http://www.wi-fitechnology.com/Wi-Fi_Reports_and_Papers/Freeradius_Deploymen
t_of_MAC_Address.html

( http://makeashorterlink.com/?K22A159A6 ) in case it wraps!




Simon Hailstone
Orthogon Systems

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Wireless Security Patrick Doyle (Nov 28)
- RE: Wireless Security Simon Hailstone (Nov 28)
  - Re: Wireless Security jan . muenther (Nov 28)
    - Re: Wireless Security Jonathan A. Zdziarski (Nov 28)
- RE: Wireless Security Ben Nagy (Nov 28)
- Re: Wireless Security Dennis Opacki (Nov 28)
- Re: Wireless Security Joel R. Helgeson (Nov 28)
- RE: Wireless Security Michael Chenetz (Nov 30)
- <Possible follow-ups>
- RE: Wireless Security Patrick Doyle (Nov 28)
- Re: Wireless Security Chris Adams (Nov 28)