February 21st, 2002, 10:37 PM
I am aware that WEP has been broken, and I have read various White Papers on how it was broken but I fail to understand how the encryption keys are used.
Im hoping someone out there knows more about this than my limited knowledge.
If dynamic WEP keys are used (rotating every 15mins) rather than using static WEP keys, would this be a secure solution?
In addition, does anyone know of any security flaws with Kerberos encryption and authentication over a Wireless network?
I would prefer token authentication across a secure tunnel, but hey, Im just a lowlife security pleb!!!
[glowpurple]There were so many fewer questions when the stars where still just the holes to heaven - JJ[/glowpurple] [gloworange]I sure could use a vacation from this bull$hit, three ringed circus side show of freaks. - Tool. [/gloworange]
February 21st, 2002, 11:10 PM
Since the attack on WEP is based on statistical analysis, rotating the keys does help somewhat.. It all depends on the traffic level on the network...
I see no reason why Kerberos would be weakened when over wireless: Kerberos isn't vulnerable to sniffing on a shared network (not swithced, ie: on a hub). Kerberos is actually pretty cool when you study it a bit; if anyone's intereseted, check out the files attached one's pretty cool and light, the other on more technical / heavy...
You could use IPSec over your wireless network...
Cisco has some additionnal security built-in their access points and wireless NICs but you have to use their solutions end-to-end...