Site suggestion : howto

Heya im keen to get one of these access points up.

What would be handy for newbs like me is.

1.Howto
2. gear i need -
3. places to purchase this gear
4. prices

IF more access points are needed and you wanted this to really get off the ground this simple nfo would go along way to giving ppl a idea for what they are getting them selves into.

Thx, great site noods great intergration with the accounts etc.

Wireless Network protection:

Don?t leave your network opened for ha<>ors to pilfer your bandwidth. Protect your network.

You can do this in a few ways. The easiest way is to implement WEP between your wireless gears. The problem with WEP is that it can slow down your transfer speeds because of the all the encryption and decryption.

Another method is to enable MAC address resolution. This ensures that only those cards with a certain AMC address are allowed to connect to the network. This is a good way to keep the same speeds on the network and still have some sort of protection.

You can get MAC address spoofing programs to emulate your the allowed MAC addresses, but you could argue that you could get WEP crackers also.

WEP cracking takes considerably longer time to break the key then it would be to grab the MAC address of an authenticated card and spoof it. However if some is going to go to the lengths of MAC address spoofing then they will probably know how to break WEP.

Final result...... for an easy way to protect your wireless devices on a network at home enable some sort of MAC address authentication so you can keep full speed access and limit users to the AP.


Wookie

MAC address filtering and WEP are the lowest common denominator for wireless security, you should not rely on either of them to protect your wireless network.

There are a range of security measures that you can implement if you want to keep your wireless net secure, depending on your needs.

Personally I run two wireless networks, one for my own in-house use and one for public access. Here are some of the security measures I have in place;

-Both are firewalled off from the rest of my LAN.

-Outbound raffic from the public WLAN is filtered.

-The Public LAN does not use WEP (though it did at one time use PPTP.) The Nocat http:/nocat.net authentication mechanism does dynamic firewalling and time-limited MAC address filtering (the time delay means there is a very short window when an attacker can hijack a MAC after an authenticated user's session has ended.)

-On my super-secure private wireless network, MAC address and IP address filtering are always in place for the specific devices allowed to connect. In addition, I use IPSEC (www.freeswan.org) to provide a VPN connection.

There is a somewhat out of date diagram of how this looks (ignore the PPTP and WNAP stuff, that's no longer there) at

http://oob.freeshell.org/network.html

Hope this helps.

-Simon.

Just incase anyone is following this thread who didn't see it on the front page, here's simon's howto document:

http://oob.freeshell.org/nzwireless/LWAP-HOWTO.html