Le lun 28/07/2003 à 00:04, George Vieira a écrit : > 1. Security = Forget WEP (or even 128bit WEP.. it sucks.). Use IPSEC > tunnels over wifi. It's better than nothing. I would say "do not have your secrity rely on WEP". WEP sucks, that's a fact, but it introduces an authentication scheme (i.e. have the right key to access network) that frightens most of script kiddies. > 3. DO NOT USE MAC FILTERING... Wifi can easily be spoofed mac > addresses hence the reason for number 1 above. Same than above. Yes, you can abuse easily this kind of security setting, but it does not mean you do not have to use it. And you forgot to mention BSSID broadcast disabling in beacon frames. You have security features in WiFi that are not efficient enough to bouild your security on top of them. But using them can make 90% wardrivers to skip your AP just because they're activated. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
