Panel Discussion on the Differences and Similarities of Wired vs. Wireless Security


Position Statement by:
Russ Housley
Vigil Security

9 October 2003


Do Ethernet and 802.11 Wireless LANs (WLANs) offer the same services?  Yes, and no, but 
mostly no.  From a protocol stack perspective, Ethernet and WLANs are largely 
interchangeable.  Both allow the application layer protocols to deliver the expected 
services.  However, Ethernet and WLAN are quite different in a few fundamental ways.  To 
sniff an Ethernet, the attacker needs to gain physical access.  To sniff, a WLAN, the 
attacker can be quite distant.  This leads to a need to encryption in order to obtain the 
same level of privacy offered by the Ethernet physical wire.  Similarly, an attacker must 
gain physical access to an Ethernet to exchange data with other stations connected to it.  
Again, physical access is not needed to make use of a WLAN.  This leads to a need for 
authentication in order to obtain the same level of access control offered by the Ethernet 
physical wire.  This situation also demonstrates the need for data integrity protection.  
Mechanisms for confidentiality, integrity, and authentication are essential for any security 
on a WLAN.