North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Wifi Security

  • From: Christopher L. Morrow
  • Date: Mon Nov 21 10:51:43 2005

On Mon, 21 Nov 2005, Niels Bakker wrote:

> * [email protected] (Stephen J. Wilcox) [Mon 21 Nov 2005, 16:07 CET]:
> >heres some fun, next time you're at nanog or your favourite geek
> >conference, just run 'tcpdump -w - -s1500 -nn|strings|grep -i password'
> >and be prepared to hit scroll lock ;)
> I've visited conferences where the wireless LAN was deemed "secure" by
> the organisation because they had outlawed sniffers.

yes, there are stupid people everywhere... Perhaps asking the question in
another way is in order:

"Given a large and widely available wireless network solution for
'consumers', how would you propose to raise the 'security' for users of
that network?'

Would you force WEP?
Would you force WPA/WPA-2?
Would you force ipsec?
Would you skip transport level encryption in favor of application level
Would you do widespread and widescale education efforts for the users?