David Hill
writes:
It seems that the inherent insecurities
in the Wired Equivalent Privacy protocol for Wireless networks only
increased the determination of the boffins over at NASA, who’ve managed to secure a wireless
network with ‘an off-the-shelf PC running the OpenBSD operating
system, an Apache web server, the Internet Software Consortium DHCP
server, the IPF firewall software — all freeware.’
In
this whitepaper, Nichole
Boscia details how they met the objective of developing a
‘Wireless Firewall Gateway’.
This is quite an achievement, considering ‘recent conference
results have established that 802.11b wireless systems provide no
substantial security protection in any of three important respects:
1) The signal coverage perimeter cannot be easily limited to
conform to an organization’s physical control perimeter; 2)
Wireless card hardware addresses cannot be trusted as tools to
identify a user; and 3) Wired Equivalent Privacy (WEP) encryption
of data sent between a laptop and an access point can be cracked,
regardless of key length.’
It also seems that the ‘NASA method’ of wireless networking also
carries with it performance benefits as the disabling of the
built-in security features of 802.11b reduces the load on the
associated equipment, and instead allows the security of the
network to be maintained by the network services provided by the
gateway.
Very nifty. 🙂