Search and DocFinder
 
Search help/advanced search

  


News NetFlash: Daily News Internat'l News This Week in NW The Edge Net.Worker Features Research Buyer's Guides Reviews Technology Primers Vendor Profiles Forums Columnists Knowledgebase Help Desk Dr. Intranet Gearhead Careers Free Newsletters Subscription Center Seminars/Events Reprints/Links White Papers Partner with Us Site Map Contact Us Awards Corporate info Home










News

Henderson review how we did it

NOTE: We are launching a new and improved Fusion this weekend. Some things may not look or work right for a bit. Our apologies for the inconvenience!

Today's News

ICANN board approves reform agenda

House committee subpoenas WorldCom executives

KPMG Consulting to hire Andersen IT staff, not unit

Xerox accounting troubles may total $6 billion

Analysis: Ciena/ONI deal done


All of today's news

By Tom Henderson
Network World, 04/08/02

We installed the WG-1000 to our testing network, which included several Compaq Presario 700US notebooks, a Sony PCG ICX notebook, and an HP Pavilion desktop with various 802.11a and 802.11b cards from SMC, Agere/Orinoco, and Intel. We connected an Intel and Agere/Orinoco 802.11b access point, and an Intel and SMC 802.11a access point.

We then ran tests that included session hijacks on 802.11b cards, and man-in-the-middle crack attempts using WEPCrack and AirSnort to dictionary attack or XOR attack streams in an attempt to hijack sessions.

We were successful in our ability to hijack session that didn't use VPNs, but used access point-based WEP encryption. However, with Point-to-Point Tunneling Protocol (V1.1) or IPSec (Bluesocket or Windows 2000-based with Windows 2000 certificate authority), we couldn't hijack sessions.

Added security authentication to LDAP (via OpenLDAP 1.3 on SuSE Linux 7.3 hosted on a Gateway-brand server) worked, as did NTLM authentication against Windows 2000 Advanced Server (SP2, hosted on a Compaq ProLiant 3000 server). Guest account access, when enabled on the WG-1000 also worked correctly when focused directly at our internal firewall/NAT/gateway, although such sessions could be hijacked because they used no VPN software, and therefore the sessions were unprotected from a WEPCrack attack.

Back to the review

Apply for your free subscription to Network World. Click here.

Get Copyright Clearance
Request a reprint or permission to use this article.

Send this article to a colleague

Please select a type of format for the email you want to send:
TEXT
HTML
Recipient's name:

Recipient's e-mail:
 Your name:

Your e-mail:
Comments:

Feedback

Tell us your thoughts on this article or the issues raised in it. We'll cc: the author and editors on all comments.

Comments:

Name:
E-mail address:

Can we post your comments in an online forum on the topic?
Yes No

What did you think of this article?
Very useful Somewhat useful Not at all useful

Would you want to see:
More articles on this topic
Fewer articles on this topic

Thank you! When you click Submit, you'll be taken back to this article.

 

Responsible for insuring the safety of your network?

NWFusion offers two FREE security e-mail newsletters to help you keep your enterprise network secure.

Click here to sign-up.

Advertisement:


Editorial Partners program
Three free and easy ways to bring Network World's in-depth editorial content to your own Web site.
Learn more



  Copyright, 1995-2002 Network World, Inc. All rights reserved.