Forgot your password?
typodupeerror

Comment: Re:I can think of a few (Score 1) 496

by Strider-BG (#27799635) Attached to: Time To Cut the Ethernet Cable?

Except almost no one implements "hardened wired connections". Do you run crypto on your wired network? Do you require 802.1x auth on your wired network? Do you you encase all the cabling in pressure-alarmed conduit? Do you perform Functional Compartmentalization where network access is limited on a per-user basis? Almost no one does these things - most of them are non-trivial to do with wired networks. All I have to do is pay a janitor a few bucks to plug something into a wired port and bingo, I have full network access.

Wireless on the other hand has auth and crypto built in so while sniffing is trivial, if you're running 802.11i it doesn't matter. If you're worried about what happens when it reaches the AP, some wireless vendors keep the traffic encrypted all the way back to a controller in the Data Center. There are no crypto keys or user data on the AP so if someone were to steal it or gain access to the cable behind it they would only get encrypted data. Then add in some vendor's built-in ICSA firewall and you can easily perform Functional Compartmentalization on a per-user basis regardless of user location.

The wireless world has moved on from the old WEP days regarding security. There is still the jamming DoS attack vulnerabilities but many people have mitigated or just accepted them in exchange for the huge productivity gains and cost savings.

egrep patterns are full regular expressions; it uses a fast deterministic algorithm that sometimes needs exponential space. -- unix manuals

Working...