FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 01-29-2009, 09:15 PM
Grant
 
Default Locking down a wireless network

>>>> My Gentoo router's wireless network is encrypted via WPA and doesn't
>>>> DHCP. I'd like to take this a step further in case my WPA key gets
>>>> hacked. Can I issue only certain IPs to certain MAC addresses?
>>>>
>>>> Does WPA2 require hardware support?
>>>
>>> I don't think so. It should just be a driver/firmware update if you've
>>> got some device that supports WPA and not WPA2. The AES encryption of
>>> WPA2 requires a little more hardware power than WEP or WPA normally
>>> uses, but I don't think it needs any special chip or anything like
>>> that.
>>>
>>> You can also do VPN over your wifi connection, and require it for
>>> access to the rest of your network or the internet. At least then if
>>> someone hacks your wireless key, they still can't do anything without
>>> having your VPN certificate.
>>
>> Actually, VPN would rule out my wifi cell phone I bet.
>
> Maybe not -- I don't know what kind of phone you've got. I have a
> Nokia N95 which runs Symbian OS 9 and there are 3 VPN clients that I
> know of (and the first one is free):
>
> http://www.businesssoftware.nokia.com/mobile_vpn_downloads.php
> http://www.ncp-e.com/en/vpn-szenarien-produkte/vpn-produkte/secure-entry-client.html
> http://www.symvpn.com/Products/ProductInfo.aspx?ProductId=17
>
> I believe Windows Mobile devices have VPN support built in, but I've
> never tried it. For iPhone or other phone OS i have no idea as I've
> never actually used them.
>
> Paul

Thanks Paul, mine is a Nokia N82 and I'm checking into that now.

- Grant
 
Old 01-30-2009, 03:25 PM
Grant
 
Default Locking down a wireless network

>>>> My Gentoo router's wireless network is encrypted via WPA and doesn't
>>>> DHCP. I'd like to take this a step further in case my WPA key gets
>>>> hacked. Can I issue only certain IPs to certain MAC addresses?
>>>>
>>>> Does WPA2 require hardware support?
>>>
>>> I don't think so. It should just be a driver/firmware update if you've
>>> got some device that supports WPA and not WPA2. The AES encryption of
>>> WPA2 requires a little more hardware power than WEP or WPA normally
>>> uses, but I don't think it needs any special chip or anything like
>>> that.
>>>
>>> You can also do VPN over your wifi connection, and require it for
>>> access to the rest of your network or the internet. At least then if
>>> someone hacks your wireless key, they still can't do anything without
>>> having your VPN certificate.
>>
>> Actually, VPN would rule out my wifi cell phone I bet.
>
> Maybe not -- I don't know what kind of phone you've got. I have a
> Nokia N95 which runs Symbian OS 9 and there are 3 VPN clients that I
> know of (and the first one is free):
>
> http://www.businesssoftware.nokia.com/mobile_vpn_downloads.php
> http://www.ncp-e.com/en/vpn-szenarien-produkte/vpn-produkte/secure-entry-client.html
> http://www.symvpn.com/Products/ProductInfo.aspx?ProductId=17
>
> I believe Windows Mobile devices have VPN support built in, but I've
> never tried it. For iPhone or other phone OS i have no idea as I've
> never actually used them.
>
> Paul

It looks like those 3 do work on an N82, but at least the 3rd one can
only connect to Windows VPN servers currently. VPN configuration on
any of them sounds like it can be a major hassle though.

Is there a way to get reliable info on how many systems are connected
to my wireless network? I'm running a Gentoo router.

- Grant
 
Old 01-30-2009, 09:37 PM
Stroller
 
Default Locking down a wireless network

On 29 Jan 2009, at 17:40, Grant wrote:


My Gentoo router's wireless network is encrypted via WPA and doesn't
DHCP. I'd like to take this a step further in case my WPA key gets
hacked.


What makes you think your WPA key is likely to get hacked?

As I'm reading it, if you use a long random password & unique SSID WPA
is quite secure.


It should be possible to implement WPA2 on a Linux-based AP. I would
use 64 random hex digits for your PSK & stop worrying about it.


MAC address filtering is worthless. I would install a DHCP server &
save yourself the hassle of setting IP addresses on any devices that
are used elsewhere. Anyone who breaks WPA (which I consider extremely
unlikely assuming the criteria I've described) is not going to be
troubled by such measures.


Stroller.
 
Old 02-03-2009, 08:22 PM
Paul Hartman
 
Default Locking down a wireless network

On Fri, Jan 30, 2009 at 10:25 AM, Grant <emailgrant@gmail.com> wrote:
>>>>> My Gentoo router's wireless network is encrypted via WPA and doesn't
>>>>> DHCP. I'd like to take this a step further in case my WPA key gets
>>>>> hacked. Can I issue only certain IPs to certain MAC addresses?
>>>>>
>>>>> Does WPA2 require hardware support?
>>>>
>>>> I don't think so. It should just be a driver/firmware update if you've
>>>> got some device that supports WPA and not WPA2. The AES encryption of
>>>> WPA2 requires a little more hardware power than WEP or WPA normally
>>>> uses, but I don't think it needs any special chip or anything like
>>>> that.
>>>>
>>>> You can also do VPN over your wifi connection, and require it for
>>>> access to the rest of your network or the internet. At least then if
>>>> someone hacks your wireless key, they still can't do anything without
>>>> having your VPN certificate.
>>>
>>> Actually, VPN would rule out my wifi cell phone I bet.
>>
>> Maybe not -- I don't know what kind of phone you've got. I have a
>> Nokia N95 which runs Symbian OS 9 and there are 3 VPN clients that I
>> know of (and the first one is free):
>>
>> http://www.businesssoftware.nokia.com/mobile_vpn_downloads.php
>> http://www.ncp-e.com/en/vpn-szenarien-produkte/vpn-produkte/secure-entry-client.html
>> http://www.symvpn.com/Products/ProductInfo.aspx?ProductId=17
>>
>> I believe Windows Mobile devices have VPN support built in, but I've
>> never tried it. For iPhone or other phone OS i have no idea as I've
>> never actually used them.
>>
>> Paul
>
> It looks like those 3 do work on an N82, but at least the 3rd one can
> only connect to Windows VPN servers currently. VPN configuration on
> any of them sounds like it can be a major hassle though.

I haven't tried it, but the Telexy SymVPN has just released a new
version which supposedly supports linux PPTP VPN now.

http://www.telexy.com/Support/Publications.aspx?codeid=A75XR35VU2

There is a free trial.
 

Thread Tools




All times are GMT. The time now is 02:34 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org