Re: [Sheflug] Network design problem

[Simon Brown <simon@xxxxxxxxxxxxxxxxxxxxxxxx>]

* Lesley Binks (lesley.binks@xxxxxxxxx) wrote:
> Now let's deal with your WAP.
> 
> You should bear in mind that a wireless device is a receiver and 
> transmitter.  It doesn't care who or what it receives from or who or 
> what it transmits to.  When the data over a wireless connection is 
> transmitted so that a WAP can receive it, any other suitable device in 
> the range of the transmitting device can also receive it.  And there is 
> much out there to sniff the air e.g. http://airdump.net/ .
> 
> I assume your WAP uses DHCP to assign an IP address to any machine that 
> connects to it.  If your wife is the only one using the wireless access 
> point then make sure that the DHCP server on the WAP is set to rotate 
> only one IP address, and that it will only accept from one MAC address 
> plus use appropriate authentication methods that are not WEP or WPA.
> 
> WPA2 can be sniffed but you can use 63 character passwords designed for 
> machine to machine communication i.e. case sensitive and containing any 
> character including alphanumerics, punctuation and special characters 
> such as '@' or '>'.  These are harder to crack.  Change this password 
> frequently.
> 
> Your wife's machine should also be suitably firewalled and you will have 
> to deliver the new password to her machine by a secure method every time 
> you change it on the WAP.
> 
> None of this is foolproof security but it may stop or hinder some people 
> from using your network or using your wife's machine as a trojan on your 
> network.
Lesley, have you had something of a disagreement with your neigbours?

Simon
-- 
Simon Brown

_______________________________________________
        Sheffield Linux User's Group
  http://www.sheflug.org.uk/mailfaq.html
 GNU - The choice of a complete generation