| gabriel rosenkoetter on Sat, 23 Nov 2002 16:20:05 -0500 |
|
On Sat, Nov 23, 2002 at 01:54:34PM -0500, Jesse Huestis wrote:
> (DLink was the sharpest in MS OSs offering 256 bit encryption)
Using what algorithm, peer-reviewed by whom?
WEP's bad, but a vague, airy algorithm you can't look at is worse.
> What are the standard card people are using with Linux?
Anything based on a WaveLAN or PRISM2 chipset should work. Try it
and see (or figure out what chipset your card uses; your vendor
should be able to tell you).
> Also, according to documentation in the Linksys manuals, WEP encryption
> is not standard. Has anyone had problems with WEP not working mixing
> and matching wireless companies cards and access points?
No, LinkSys is saying that they're using a modified version of WEP
so they don't generate weak keys, at the cost of reducing the key
search space. It's a trade-off.
Anyway, it'd really better interoperate with other things claiming
WEP support, or they're advertising falsely.
You can be sure that D-Link's 256-bit mode will only work with other
D-Link hardware (and that quite possibly only if you're using
D-Link's software to drive it).
If you want secure wireless, hold on for 802.11i where it'll be done
right. If you want a little better security on 802.11{a,b}, try Niels
Ferguson's Michael algorithm over MIC. If you must have secure
wireless today, you can do IPSec at the IP layer, using 128-bit
WEP on the wifi just to obscure the source and destination of
packets (the only thing IPSec can't encrypt, obviously).
--
gabriel rosenkoetter
gr@eclipsed.net
Attachment:
pgpGtir7Fy1G3.pgp
|
|