Privacy & Data Security
|Aug 17, 2002 11:10 pm
||re: wireless data security
| Sky Kruse
|| One of the better ways to achieve significantly improved security over 802.11 is to use SSH tunnelling - this will get you the security level of SSH above and beyond the flawed RC4 implementation that exists in 802.11B by default.
Wireless LANs are inherently pretty insecure, unfortunately. You can use a product like Netstumbler (http://www.netstumbler.com/) to find open access points. Securing this using WEP ("Wired Equivalent Privacy") is a big help, but unfortunately it's still damn vulnerable.
If you want an example of how easy it is to cause trouble with the default configurations (even using WEP keys)... try the "airsnort" utility - http://airsnort.sourceforge.net - which can record data, determine the WEP key after a little while of sniffing, then decrypt it (and incidentally decrypt all the logged data as well).
A good casual overview can be found at
> edward Mwamufiya wrote:
> My name is Edward, C.E.O. of Okoto, I am currently leading my development team towards wireless technology with the help of J2EE and J2Me, and I have a question concerning wireless technology, does anyone know whether or not it is ready to handle sensitive data transfers. I have heard that wireless communications still has several flaws in it, and that data security is not at its best yet. does anyone have any thoughts on who i could go to get information or software, to increase security.
Private Reply to Sky Kruse (new win)