RE: RE: Communicate from a laptop -- PCTECH

Hi John,

Easily you can put into Google - WPA Crack.  It comes up with a lot.  
To summarize it you can read one article from Mel  at Dr. I Doctor.
http://www.dridoctor.com/archives/2004/12/book_review_wif.html

Thanks for your input.

Gary

> Walden's config is spot-on, but Gary, I have a question for you.
> Certainly WEP cannot be considered secure but I hadn't heard that WPA
> can no longer be trusted.  Perhaps I'm a little behind in reading about
> wireless.  Can you cite an article? 
> 
> John A. Jones, CISSP
> Americas Information Security Officer
> Jones Lang LaSalle, Inc.
> V: +1-630-455-2787  F: +1-312-601-1782
> john.jones@xxxxxxxxxx
> 
> -----Original Message-----
> From: Walden H. Leverich [mailto:WaldenL@xxxxxxxxxxxxxxx] 
> Sent: Wednesday, March 16, 2005 4:11 PM
> To: PC Technical Discussion for iSeries Users
> Subject: [PCTECH] RE: Communicate from a laptop
> 
> I'm not sure I follow. Ignore the internet for a moment. Within the
> office you have two "group" of machines, those that are hardwired and
> those that are wireless. Ignoring security, it would be fine for them to
> all be on one big happy subnet, including the iSeries. So far so good?
> 
> However, we can't ignore security, right? So what I'm proposing is put
> the wireless people on their own subnet and bring up a VPN connection to
> the "real" subnet. This way they can access "protected" resources over
> the VPN and still be wireless. 
> 
> Now, as for the internet, you could either force them to come over the
> VPN and then out through the same interface as the hardwired people, or
> you could provide another route to the internet for the wireless people.
> 
> Make sense, or did I miss something?
> 
> -Walden
> 
> ------------
> Walden H Leverich III
> President & CEO
> Tech Software
> (516) 627-3800 x11
> WaldenL@xxxxxxxxxxxxxxx
> http://www.TechSoftInc.com
> 
> Quiquid latine dictum sit altum viditur.
> (Whatever is said in Latin seems profound.)
> 
> 
> 
> -----Original Message-----
> From: Gary Kuznitz [mailto:docfxit@xxxxxxxxxxxx]
> Sent: Wednesday, 16 March, 2005 15:09
> To: PC Technical Discussion for iSeries Users
> Cc: Walden H. Leverich
> Subject: RE: Communicate from a laptop
> 
> Moved from Midrange List
> 
> Hi Walden,
> 
> Thanks for your input.  My iimmediate need is to protect the wireless
> transmission in the office.  I can easily setup a VPN tunnel between 
> the laptop --> over wireless --> to a remote office.   Which covers 
> the wireless part easily.  The problem is when I need to surf the
> internet to other locations. Like when I need to transmit to other
> people that don't have VPN setup.  At these times I'd like to have the
> wireless protected.
> 
> Thank you,
> 
> Gary Kuznitz
> 
> > Gary,
> > 
> > We use W2K as our VPN server (no surprise there, right? <G>) so what
> we
> > did in this situation was deploy a second subnet for all wireless 
> > access. That subnet, while it has a private IP range (10.100.12.x) is 
> > still considered by us to be a public network, so there's no direct 
> > connect between the wireless subnet and our internal network. However,
> 
> > the VPN server is connected to that subnet. So when you're wireless
> you
> > need to bring up a VPN connection just as if you were anywhere on the 
> > internet, and the connection is the same one you'd bring up from home
> --
> > into the same VPN server you'd access from home. 
> > 
> > What I'm getting at is, do you need a separate VPN server for the 
> > wireless stuff, or can you setup your current VPN server to handle 
> > another subnet?
> > 
> > -Walden
> > 
> > 
> > ------------
> > Walden H Leverich III
> > President & CEO
> > Tech Software
> > (516) 627-3800 x11
> > WaldenL@xxxxxxxxxxxxxxx
> > http://www.TechSoftInc.com
> > 
> > Quiquid latine dictum sit altum viditur.
> > (Whatever is said in Latin seems profound.)
> > 
> 
> 
> 
> --
> This is the PC Technical Discussion for iSeries Users (PcTech) mailing
> list To post a message email: PcTech@xxxxxxxxxxxx To subscribe,
> unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/pctech
> or email: PcTech-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives at
> http://archive.midrange.com/pctech.
> 
> 
> 
> This email is for the use of the intended recipient(s) only.  If you have
> received this email in error, please notify the sender immediately and then
> delete it.  If you are not the intended recipient, you must not keep, use,
> disclose, copy or distribute this email without the author's prior 
> permission. 
> We have taken precautions to minimize the risk of transmitting software 
> viruses,
> but we advise you to carry out your own virus checks on any attachment to this
> message.  We cannot accept liability for any loss or damage caused by software
> viruses.  The information contained in this communication may be confidential
> and may be subject to the attorney-client privilege. If you are the intended
> recipient and you do not wish to receive similar electronic messages from us 
> in
> future then please respond to the sender to this effect.
> 
> -- 
> This is the PC Technical Discussion for iSeries Users (PcTech) mailing list To
> post a message email: PcTech@xxxxxxxxxxxx To subscribe, unsubscribe, or change
> list options, visit: http://lists.midrange.com/mailman/listinfo/pctech or 
> email:
> PcTech-request@xxxxxxxxxxxx Before posting, please take a moment to review the
> archives at http://archive.midrange.com/pctech.