Wired vs Wireless Firewall, Hole196, marketing versus common sense and all-all

In one of the related topics, we talked about the security of wireless encryption, and, in particular, the stupid "vulnerability" Hole196. I once wrote about this here . I recommend reading, who are interested.


In short:
All the hype around Hole 196 was due to the fact that AirTight read the 802.11 standard and on page 196 saw that the cryptographic encryption keys are the same for everyone! Oh my God! Well this authorized user Petya can read all the broadcasts! And even send your own to all other users! We will implement the well-known ARP / DHCP Spoofing attacks and break your WLAN! Urgently buy WIPS from AirTight - we will solve this problem!
The fact that in the wired world this has long been a troublemaker , and in the wireless one is treated by a normal firewall on the access point, they chose to keep silent. In fairness, some "leading" vendors do not have such firewalls to this day, and - yes, they are. But these are problems of monovendorfagov.

And here , in fact, I bring the difference between the wired and wireless approach to the screening of wireless traffic, a couple of recommendations, links to attacks and other articles on the analysis of threats to wireless networks.