In article , Jack Twilley
writes:

"N2EY" == n2ey writes:

[...]

N2EY One caveat!

N2EY A lot of folks are setting up their own little wireless
N2EY networks. The stuff is becoming cheaper than the cable it
N2EY replaces!

And for good reason. In my new location, I'm terrified to drill
through the walls (it's an old *solid* house that predates cheap
sheetrock by decades) but I've no trouble using wireless.

There's also the portability issue.

N2EY But not enough folks understand the need to encrypt. Without
N2EY good encryption of your network, anybody can drive by with a
N2EY lapper and access your network - and your hard drives, etc. Your
N2EY internet firewall won't help because your network thinks the
N2EY invader is *inside* your network, not outside. You need for the
N2EY network itself to be encrypted.

If someone truly sets up their network in this manner, they are truly
running a serious risk, as you describe. I've just moved, so I have
to reinstall my network, and it will actually be set up with two
wireless access points: one for the "inside", which will be
MAC-restricted and locked down with WEP (until my operating system
fully supports TKIP in which case I'll go up to that protocol), and
one which is "outside" for any and all comers to sit in the nearby
park and reach the internet. No traffic goes to the inside from the
outside, and both sides can see the internet, so life is good.

Are WEP and TKIP sufficiently secure?

N2EY Where's my RJ-45 plugs?

Put some time and effort into understanding exactly how to make it all
work properly, and you'll find that you need fewer RJ-45 plugs.

HAW! Well said!

N2EY 73 de Jim, N2EY

Oh, and I get that you're not talking about setting up your own
network in the encryption-free manner in which you describe.

No way! If I ever do go wireless, it'll be encrypted for sure!

I'm just
trying to show that there are many good ways to make wireless work
such that you can be friendly to your neighbors while protecting your
assets.

Jack.
(one of those paranoid computer security types)

Just because you're paranoid doesn't mean nobody's out to get you...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"N2EY" == n2ey writes:

[... wireless is cheap and portable but needs to be secured ...]

Jack If someone truly sets up their network in this manner, they are
Jack truly running a serious risk, as you describe. I've just moved,
Jack so I have to reinstall my network, and it will actually be set
Jack up with two wireless access points: one for the "inside", which
Jack will be MAC-restricted and locked down with WEP (until my
Jack operating system fully supports TKIP in which case I'll go up to
Jack that protocol), and one which is "outside" for any and all
Jack comers to sit in the nearby park and reach the internet. No
Jack traffic goes to the inside from the outside, and both sides can
Jack see the internet, so life is good.

N2EY Are WEP and TKIP sufficiently secure?

For my purposes, they are. WEP is known to be breakable, and TKIP
hasn't yet been properly tested, but those are the link-level
encrypted layers. 95% of what I do is done through a VNC session
tunneled through SSH -- the combination of WEP/TKIP and SSH is such
that I'm comfortable typing my GPG passphrase over the link.

Jack.
- --
Jack Twilley
jmt at twilley dot org
http colon slash slash www dot twilley dot org slash tilde jmt slash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (FreeBSD)

iD8DBQFBKoi+GPFSfAB/ezgRAsx9AKDK6xFnjYZ8U27Pg28NiU9/R0YGzQCgzKc9
Roj2Viq0ikK3biziUqByKSE=
=jRtj
-----END PGP SIGNATURE-----

In article , Jack Twilley
writes:

"N2EY" == n2ey writes:

[... wireless is cheap and portable but needs to be secured ...]

Jack If someone truly sets up their network in this manner, they are
Jack truly running a serious risk, as you describe. I've just moved,
Jack so I have to reinstall my network, and it will actually be set
Jack up with two wireless access points: one for the "inside", which
Jack will be MAC-restricted and locked down with WEP (until my
Jack operating system fully supports TKIP in which case I'll go up to
Jack that protocol), and one which is "outside" for any and all
Jack comers to sit in the nearby park and reach the internet. No
Jack traffic goes to the inside from the outside, and both sides can
Jack see the internet, so life is good.

N2EY Are WEP and TKIP sufficiently secure?

For my purposes, they are. WEP is known to be breakable, and TKIP
hasn't yet been properly tested, but those are the link-level
encrypted layers. 95% of what I do is done through a VNC session
tunneled through SSH -- the combination of WEP/TKIP and SSH is such
that I'm comfortable typing my GPG passphrase over the link.


Thanks for the advice, Jack. Will keep it in mind if I ever go to wireless
networking.

73 de Jim, N2EY