Wireless has become quite popular in network scenarios from the basic home network to the corporate LAN to the point-to-point backbone tying together offices or job sites. Wireless security and security breaches have been getting lots of press as have various vendors' multitude of proposals for cute proprietary ways to solve some of the problems in currently available products (primarily 802.11) by retrofitting them with better encryption, better authentication, tightly integrated access control, etc. What is lacking is a well-defined practical approach for the administrator in deploying (or the auditor in testing) a wireless network with currently available technology. This talk will begin with an overview of my present threat model and the details of various attacks against typical wireless networks. Following this I will give a walk-through of building a secure 802.11 LAN as well as the monitoring and auditing necessary to keep it secure. Time permitting I will also bring up a guest or two to discuss several "theoretical" attacks and other things yet to be revealed.