On Tue, 2005-06-07 at 23:41 +0200, Alexander Dalloz wrote:
Proven what not secures wireless LAN: MAC Filtering, SSID hiding,
Yep. Turning off that SSID broadcast, and denying Open System access. I don't know how many times I've gone into a company and they've had "Open System" even though they're using WEP because "oh, we had trouble getting WEP to work when it was Shared Key only."
Duh!
LEAP Authentication (EAP-TLS, EAP-TTLS or PEAP would be secure alternates),
Actually, LEAP/PEAP EAP-TLS is proprietary Cisco/MS whereas EAP-TTLS is open standard IETF.
switching off DHCP,
Or at least MAC-based DHCP assignment (ala old BOOTP style), which you'll want to do with MAC filtering anyway.
postitioning of the antenna,
A little lead against the wall you don't want the signal to travel goes a _long_way_.
change to 1a (5 GHz)
Definitely, much stronger, although not as far. Although the new crop of 802.11a/b/g cards can do a now as well.
or to Bluetooth
Er, um, not sure about that one. ;-ppp