Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Wireless Usage?

Casey,

The biggest risk in leaving your network "unsecured" is that anyone can utilize your network connection for casual use, possibly monopolizing the shared 11Mbit bandwidth, or for the launch of network attacks on hosts local to your network or any host that is accessible from your network. Wireless traffic, by its radio nature, is inherently insecure, since anyone with a wireless card and wireless traffic collecting software can accumulate your data and have access to anything you have transferred across the network, be it clear-text passwords, email messages, web page requests, or documents you've copied to/from a server.

Unfortunately, WEP is not terribly secure, taking anywhere from 30 seconds to 45 days to crack, depending on network traffic, the encryption type used (64(40bit) or 128(104bit) encryption), and the hardware a cracker has to apply to the attack, and only secures traffic as it travels from the client to the access point.

CU Boulder is not currently using WEP due to its lack of security, the absence of security in any kind of key distribution scheme for thousands of users, and the need for compatibility with a wide range of client platforms. We are using a routing scheme that requires all users to register the wireless card's hardware (MAC) address, which is admittedly not unbreakable access control, but it does provide us with basic access control and usage information. We also encourage everyone using a wireless connection to use secure clients and protocols (SSH, SSL, kFTP (where available) sftp, and VPN where available). We are investigating the possibility of requiring all wireless clients to utilize a VPN connection for network access, which is revealing a severe shortage of options for handheld devices, as there are few, if any, software packages that provide Palm or Pocket PC clients with the ability to make an IPSec connection. VPN is currently the most secure solution for protecting data and access, but it can also be the most costly solution for a sizable network with thousands of users.

Best of luck in your pursuit! Wireless security isn't necessarily an oxymoron, it is simply something you must pursue with the understanding that the transport medium offers no security whatsoever. From there, you can only get more secure! ;-)

Gary

------------------------------------------------

Gary Franz

Information Technology Services
MicroSystems Group, Apple/Network Support

Team Leader
ITS Wireless Access Team
University of Colorado, Boulder
email@hidden



On Tuesday, September 24, 2002, at 11:35 AM, Casey Bisson wrote:

Howdy,

We're using wireless in many locations here, but somebody just got scared about security. Until now we haven't been using WEP, nor have we cloaking the network name for wireless base stations that serve mobile classrooms on campus.

<long question> I'm wondering how wireless is being used on other campuses, how security concerns may play on that, and what the philosophy about security is? <abreviated question> Do you use WEP? Yes/no, why?

Thank you in advance,

Casey Bisson
__________________________________________

Systems Administrator & Library Systems Liaison
Plymouth State College
Plymouth, New Hampshire
http://oz.plymouth.edu/~cbisson/
ph: 603-535-2948
_______________________________________________
maclabmanager mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/maclabmanager
Do not post admin requests to the list. They will be ignored.
_______________________________________________
maclabmanager mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/maclabmanager
Do not post admin requests to the list. They will be ignored.
References: 
 >Wireless Usage? (From: Casey Bisson <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.