[NTLUG:Discuss] Securing 802.11b

Bug Hunter bughuntr at one.ctelcom.net
Fri Apr 4 16:29:56 CST 2003 

  We use 2 linksys wireless to do the same thing.  The linksys wireless 
require you to put in  MAC addresses to bridge.  This means your two 
networks are connected.

This keeps everyone else out.  Make sure you are running the latest firmware.

  Do the 128 bit encryption over the link.  Then use ssh to tunnel, and 
you'll be really secure.

  However, we've found we need to reboot these once a day to be really 
reliable under high traffic conditions.  We put them on a mechanical timer 
for 4:00 am. Works well <grin>.

bug


On Fri, 4 Apr 2003, Kipton Moravec wrote:

> I am looking at hooking up two networks together using two  802.11b devices
> with external directional antennas. The distance is about 5 miles.  Assuming
> I can make a connection, what do I have to do to make it secure, so noone
> can stick up an antenna between the line of site and monitor the traffic or
> break into the network.  One network has high speed internet access. The
> other is in a hole in Garland where there is no cable modem and no DSL and
> no other high speed internet access.  They tried satellite but it is down a
> lot, and has gotten very slow since they got it.  So we are going to try to
> connect the two networks with 802.11b.
> 
> I am trying to figure out what I need to read up on.
> 
> I think I need to set up a router/firewall on both networks to connect the
> wire part of the internal network to the 802.11b part of the network.  What
> do I need to read up on so that the data packets that are sent through the
> air are encripted?  I looked in the firewall, bridging, networking, and VPN
> how-to and it is either not there or I missed it.  Where would I find it?
> 
> Looking at http://www.seattlewireless.org  they mention IPSEC like
> http://www.freeswan.org. ?  I think that might do it. Does anyone know
> better?
> 
> Can I also limit the connection to a particular MAC Address?  Where would I
> find the documentation? That may make it a little harder to spoof the
> connection.   That part of the network is basically a point-to-point
> connection and I want to ignore traffic that comes from any source other
> than my partner transmitter.
> 
> Does this make sense?
> 
> Kip
> 
> 
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
> 

-- 
---------------------------------
Sick and tired of spam?
Ask me about Mail Deflector!
http://www.maildeflector.com
---------------------------------

More information about the Discuss mailing list