[NTLUG:Discuss] Wireless Home Network

Lance Simmons lance at lsimmons.net
Sat Jun 26 00:24:31 CDT 2004 

* Tom Hoover <l-ntlug at hisword.net> [040625 15:17]:

> Attaching the wireless router to your internal network seems to be a
> bigger security risk to me.

Considered in the abstract, the security of a wireless router is no
doubt greater than the security of a pc/firewall.  But I live in a house
that's pretty well separated from the other houses on my street, and so
far I've only been able to get wireless access through about half the
house.  Someone who wants to attack my wireless network has to be
physically near my house.  Someone who wants to attack my firewall, in
contrast, can be anywhere in the world.  The number of attackers near my
wireless network at any point is probably zero.  The number of attackers
with access to my internet-connected firewall is probably in the tens of
thousands, if not higher.  Doesn't that make the firewall a drastically
greater risk than the wireless router?

Of course, if an attacker wanted to get into MY network, just because it
was MINE, then wireless should be outside the firewall.  But if anyone
wanted to get on my network because it was mine, I'd probably just give
them whatever files they were looking for anyway.  I'm not trying to
protect my network from people who are interested in the contents of my
network in particular.  My concern is random people who want to do
random harm to my random network.  That leads me to think that putting
the router behind the firewall is best.

I'm a neophyte at these things, and I welcome correction, but for now it
seems to me that my firewall is by several orders of magnitude a greater
security risk for my network than is my wireless router.

Come to think of it, I'm not sure whether that point doesn't support
your position.  Suggestions welcome.

OBLINUXCONTENT:  I see that the atheros linux drivers don't have working
wep.  Is that a problem?  Right now my wireless network has no security
at all.  I'm interested in hearing what others have done to lock down
atheros-based wireless networks.

-- 
Lance Simmons

More information about the Discuss mailing list