Actually, I was seriously considering not using it. The idea is that, since WEP is so weak, I might as well do without altogether. Any host wishing to do anything at all on my network, including browsing the internet, will need to have openvpn installed and configured. Once that's the case, there is no extra benefit from using WEP.
The zeroth line of defense is not getting attacked. WEP is indeed ludicrously weak, and does not form a significant *technical* hurdle for an attacker. However, since you can't be sure that your VPN setup is flawless, why attract unnecessary attention? The casual guy-with-a-laptop just looking for some open network in the neighborhood will try the non-WEP networks first. If yours is one but fails to "work", he might "fix" it with an OpenVPN exploit or by taking advantage of your configuration typo. If you did use WEP, your unencrypted neighbor would be a more attractive target; and even if your OpenVPN setup is in fact perfect, you'd have saved yourself a bunch of security log events to mull about.
That said, some people assume in good faith that a non-WEP network is intentionally shared with the public (which is often true; how can you tell?). It's a shame to unnecessarily waste their time.
Eran
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
