gabriel rosenkoetter on Sat, 23 Nov 2002 16:20:05 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] WiFI config


On Sat, Nov 23, 2002 at 01:54:34PM -0500, Jesse Huestis wrote:
> (DLink was the sharpest in MS OSs offering 256 bit encryption)

Using what algorithm, peer-reviewed by whom?

WEP's bad, but a vague, airy algorithm you can't look at is worse.

> What are the standard card people are using with Linux?

Anything based on a WaveLAN or PRISM2 chipset should work. Try it
and see (or figure out what chipset your card uses; your vendor
should be able to tell you).

> Also, according to documentation in the Linksys manuals, WEP encryption 
> is not standard.  Has anyone had problems with WEP not working mixing 
> and matching wireless companies cards and access points?

No, LinkSys is saying that they're using a modified version of WEP
so they don't generate weak keys, at the cost of reducing the key
search space. It's a trade-off.

Anyway, it'd really better interoperate with other things claiming
WEP support, or they're advertising falsely.

You can be sure that D-Link's 256-bit mode will only work with other
D-Link hardware (and that quite possibly only if you're using
D-Link's software to drive it).

If you want secure wireless, hold on for 802.11i where it'll be done
right. If you want a little better security on 802.11{a,b}, try Niels
Ferguson's Michael algorithm over MIC. If you must have secure
wireless today, you can do IPSec at the IP layer, using 128-bit
WEP on the wifi just to obscure the source and destination of
packets (the only thing IPSec can't encrypt, obviously).

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpGtir7Fy1G3.pgp
Description: PGP signature