[PLUG] Wireless Access Point Security
Keith Lofstrom
keithl at kl-ic.com
Sun Apr 25 05:56:08 UTC 2010
> Paul Mullen wrote:
> >At some point you need to compare the cost of all these security
> >measures to their supposed benefit. What is the probability that
> >anyone cares enough about gaining access to your network that they'd
> >go to all the trouble of sniffing out the SSID, MAC addresses,
> >cracking your WEP, etc.? Rather quite low, I'd bet. It may be a better
> >use of your time to focus on host security instead.
>
On Sat, Apr 24, 2010 at 12:56:26PM -0700, Richard C. Steffens wrote:
> Probably right. For years I've counted on my router hiding my house from
> the outside world. I do have trouble getting from one machine to another
> inside the house, sometimes (XP machines talking to Linux machines) but
> I haven't put the effort into understanding all the issues involved in
> good network security.
Since I can't evaluate them, I assume any wireless security system
is subject to careful observation and side-channel attack. Protocols
come in two flavors - compromised, and soon-to-be-compromised.
So, I run my wireless system open, without encryption, on a DMZ port
on my ALIX router. I use the same process to connect to my inside
systems via wifi as I am doing from the Sunnyvale Motel 6 room I
am in now - VPN and SSH. Same weak link, same strong protocols.
Open wireless access point on DMZ Port
|
Verizon WAN Port ---- ALIX ---------------- wired LAN Port
<---- VPN ---->
<-- SSH -->
Keith
--
Keith Lofstrom keithl at keithl.com Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
More information about the PLUG
mailing list