<VV> Need high speed access advice--NO CORVAIR

Kent Sullivan kentsu at corvairkid.com
Wed Jan 18 23:20:25 EST 2006


Padgett, do you mean WPA rather than WAP?

Be careful when using WPA. In most all consumer-type devices, like home
routers and firewalls, full WPA cannot be implemented because a full-blown
802.1x authentication server is required--beyond the cost parameters of that
type of device, not to mention the know-how it takes to set up and maintain.
So, most all consumer devices deploy WPA-PSK. The PSK stands for Pre-Shared
Key. This system can be reasonably secure but ONLY if you take great care in
choosing the key.

See: http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

Diceware, a tool to generate a secure PSK:

http://en.wikipedia.org/wiki/Diceware

And

http://world.std.com/~reinhold/diceware.html

--Kent
-----Original Message-----
From: virtualvairs-bounces at corvair.org
[mailto:virtualvairs-bounces at corvair.org] On Behalf Of Padgett
Sent: Wednesday, January 18, 2006 7:21 PM
To: virtualvairs at corvair.org
Subject: Re: <VV> Need high speed access advice--NO CORVAIR


>  A firewall
> > does nothing to secure the data transmission; only data encryption 
> > will help that.  Most routers and cards use WAP which is really not 
> > secure.  Most experts recommend PGP (pretty good priviacy).

I was not going to say anything, I really wasn't but this is a bit too far
off the wall. WEP (wireless encryption protocol) was not really secure, with
enough data (a lot) even 128 bit could be broken so long as the shared key
was never changed.

WAP (wireless application protocol) has been around for several years and is
really pretty good, WAP II is even better but WAP is in wireless routers and
cards today (and if it isn't, there is usually a firmware upgrade
available). WAP support was not in the original Windows XP but again there
is a downloadable upgrade (think it was in SP-1). All of these are for
Wireless.

For wired channel encryption, the easiest choice is IPSEC which again is
built into XP and available for Linux. There are several under-$100 routers
(Linksys, Netgear) that provide IPSEC capability. When I am on the road and
need a secure channel to my home I have an older Linksys  BEFVP41.

SSL is the foundation of Internet commerce but takes a special server stood
up by the merchant and while an expert can do fairly cheaply, it is not
common in small installations (if you have an expert available, I would
suggest Linux, Apache, and Open SSL.. All browsers have SSL client
capability built in.

PGP is an excellent file and volume encryption product but for exchanges it
has to be with someone who has the same software either the commercial PGP
or the open source GPG. It is not for channel encryption.

Now this is waaay off of Corvairs but if someone would like some pointers,
contact me offline. Is how I keep mine in motor mounts and such.

Padgett 

 _______________________________________________
This message was sent by the VirtualVairs mailing list, all copyrights are
the property of the writer, please attribute properly. For help,
mailto:vv-help at corvair.org This list sponsored by the Corvair Society of
America, http://www.corvair.org/ Post messages to: VirtualVairs at corvair.org
Change your options: http://www.vv.corvair.org/mailman/options/virtualvairs
 _______________________________________________




More information about the VirtualVairs mailing list