|
|
|
|
WEP encryption:
|
|
-is part of the IEEE 802.11b standard
|
|
-however defining the WEP keys in client
software is not at all same
|
|
-there is not yet standardized way to change
keys
|
|
|
|
IPSEC/VPN:
|
|
-IPSEC/VPN solutions can be used to provide
additional security for encrypting the radio way
|
|
|
|
Vendor specific
solutions:
|
|
-Lucent ”closed network” very insecure
|
|
-is based on the network id (essid), the WLAN
devices must know this to be able to connect
|
|
-Bugtraq announced recently that this was buggy
and it was possible to find out the essid from the radio traffic without
connecting to the network
|
|
-WEP encryption with ”closed network” setting
may provide additional security but in author’s humble opinion it’s not
enough
|
|
|
|
MAC address
based access filtering in access point
|
|
-The WLAN access point filters from the device
which MAC address is not in its access list or verifiable from access
database / authentication server via for example Radius server
|
|
-Access Point may have this kind of limited
firewall capability
|
|
-However the access point may let the device to
associate to the WLAN cell so that the device is able to eavesdrop traffic
|
|
-this feature exists only in few vendors’ access
point products
|
|
|
|
|