SEARCH RESULTS
 
Showing 1-9 of 9 records
1
 
Expand article

Why would anyone use standard WEP? Isn't it super easy to crack & sniff?

2007-01-19 16:01:12 by Editor in Endpoint Security: Translating Policy Into Reality
 
Using standard WEP is akin to using a pad-lock & chain for securing a bicycle. It keeps the honest people honest. The argument given that WEP is so weak that it's not worth using, isn't completely valid. Using the bike analogy, would you stop using a lock & chain simply because anyone with a set of bolt cutters can defeat them in a second?...
 
Tags: wep, standard wep, chain simply, chain, bike analogy, pad-lock, lock, completely valid, bolt cutters
 
 
 
 
Expand article

Why would anyone use standard WEP? Isn't it super easy to crack & sniff?

2007-01-19 16:01:12 by Editor in Endpoint Security: Translating Policy Into Reality
 
Using standard WEP is akin to using a pad-lock & chain for securing a bicycle. It keeps the honest people honest. The argument given that WEP is so weak that it's not worth using, isn't completely valid. Using the bike analogy, would you stop using a lock & chain simply because anyone with a set of bolt cutters can defeat them in a second?...
 
Tags: wep, standard wep, chain simply, chain, bike analogy, pad-lock, lock, completely valid, bolt cutters
 
 
 
 
Expand article

More on Application Security Metrics

2008-05-08 20:05:00 by Security Retentive in Security Retentive
 
...WEP. Standard WEP implementations aren't defect ridden. They don't suffer from buffer overflows, race conditions, etc. They suffer from fundamental design defects that can't be corrected without a fundamental rewrite. The number of attacks resulting from WEP probably isn't known. Even throwing out high profile cases such as TJ Maxx and Home...
 
Tags: defects, fundamental design defects, fewer defects, architectural defects, implementation defects, security, application, security design, software developers
 
 
 
 
Expand article

Myth vs. reality: Wireless SSIDs

2007-10-16 07:08:58 by Steve Riley in Steve Riley on Security
 
...WEP, either static or dynamic, I encourage you to move to WPA2 as soon as possible. For those of you at home running XP and have kept it updated, or if you're running Vista, then, you simply need to enable WPA2 . We've got some additional guidance for home/small offices and for enterprise networks with certificate services or without . If you...
 
Tags: simple ssid discovery, network, ssid, wireless network, networks, enterprise networks, wireless networks, mac, secure networks
 
 
 
 
Expand article

Wireless holes - protecting retailers from themselves

2008-01-16 15:57:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...WEP protection According to the article access to the unprotected access points and unencrypted traffic -- spilled well beyond the walls of the store. Attackers could set up shop outside, snoop on the WLAN traffic, and collect MAC addresses and other data that could be used to hack deeper into the stores net, servers and data Apparently...
 
Tags: retailers, wlan traffic, collect mac addresses, traffic, inbuilt protection, tjx scenario, apparently, data, wireless infrastructure
 
 
 
 
Expand article

RSA Day 2: Wednesday with JJ & the Engima

The Article has images
2008-04-14 01:35:30 by JJ in Security Uncorked
...WEP and other algorithms that were okay, but mis-implemented There were a variety of other anecdotes, accompanied by audience-wide snickers, snorts and laughter. One story of tape backups, encrypted, with the key dutifully stick-noted to the case. Another of the secretary who type-writered all the 5.25 floppies. The story of the unmanned...
 
Tags: security, inherent security risk, day, security bloggers party, dry session, session, enigma, enigma machines, fathers session
 
 
 
 
Expand article

iPhone 2.0 Software Adds 802.1X for Enterprises

The Article has images
2008-07-10 15:51:30 by Glennf in Wi-Fi Networking News
...WEP or WPA/WPA2 802.1X configurations, and include support for choosing allowed EAP messaging types, configuring authentication elements associated with a given EAP type, and adding server certificates and names for better authentication control Once created, these profiles can be distributed throughout a company via email or as a direct...
 
Tags: software, iphone, iphone software, enterprise, wpa2 enterprise, wpa enterprise, iphone configuration utility, network security, network
 
 
 
 
Expand article

Run Through PCI DSS 1.2 Changes

2008-08-26 11:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...WEP, access points, hidden SSIDs, etc) - indeed, recent data losses are often due to insecure wireless Overall, a minor change that, sadly, doesn't touch a few KEY areas, such as virtualization, for one About me: http://www.chuvakin.org
 
Tags: req, pci dss, offsite data storage, insecure wireless, audit trail history, silly log dumps, wireless, plain text passwords, vulnerability stuff
 
 
 
 
 
Showing 1-9 of 9 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia