From owner-cvs-all Thu Aug 9 15:51:34 2001 Delivered-To: cvs-all@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 6102937B403; Thu, 9 Aug 2001 15:51:23 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f79MpNL20642; Thu, 9 Aug 2001 15:51:23 -0700 Date: Thu, 9 Aug 2001 15:51:23 -0700 From: Brooks Davis To: Warner Losh Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/wicontrol wicontrol.8 Message-ID: <20010809155123.A18472@Odin.AC.HMC.Edu> References: <200108092159.f79Lx8406626@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="yrj/dFKFPuw6o+aM" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200108092159.f79Lx8406626@freefall.freebsd.org>; from imp@FreeBSD.org on Thu, Aug 09, 2001 at 02:59:07PM -0700 Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --yrj/dFKFPuw6o+aM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 09, 2001 at 02:59:07PM -0700, Warner Losh wrote: > imp 2001/08/09 14:59:07 PDT >=20 > Modified files: > usr.sbin/wicontrol wicontrol.8=20 > Log: > Add a note that says: > WEP IS INSECURE. DO NOT USE IT. > and point people to details on the attack: > http://www.cs.rice.edu/~astubble/wep/wep_attack.html > and recommend people use ipsec instead if possible. > =20 > Approved by: kris > =20 > Mandoc police: Please do your worst. I'd like to merge similar text > into ancontrol and ifconfig. I disagree with this statement. A more accurate statement would be: WEP IS INSECURE. DO NOT TRUST IT TO PROVIDE SIGNIFICANT SECURITY. The difference is that it totally open mode, anyone can walk up and immediatly access the network. One the other hand, breaking WEP requires the reception of 4-6 million packets according to the AT&T paper. Since I rebooted my primary machine yesterday it has only transmitted around 660K packets. Certaintly, WEP won't stop a dedicated attacker, but it continues to provide some useful level of defense against casual attackers with no easy place to access your air-space. I certaintly plan to continue using some level of WEP on my wireless networks. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --yrj/dFKFPuw6o+aM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7cxPqXY6L6fI4GtQRAlYgAKC3gUyHVIxp9eZiMWp6R4w2tzDuvgCfaNlf TO1F1lLweUZYo3tOYbBlmiA= =tCTk -----END PGP SIGNATURE----- --yrj/dFKFPuw6o+aM-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message