[PLUG] Wireless home LAN - security? WiFi vs Bluetooth?

Rodney W. Grimes freebsd at gndrsh.dnsmgr.net
Sun Jul 28 20:57:52 UTC 2019


> On 7/28/19 11:24 AM, Russell Senior wrote:
> > On Sun, Jul 28, 2019 at 11:18 AM Richard Owlett <rowlett at cloud85.net> wrote:
> > 
> >> On 07/28/2019 07:11 AM, Richard Owlett wrote:
> >>> [snip]
> >>> I have only a few machines a max of 6' apart.
> >>> My usage would typically be peer-to-peer but I want to communicate
> >>> between any two machines.
> >>> My web connectivity is via a T-Mobile WiFi Hotspot (WiFi turned off).
> >>> I run Debian and all software must be in their repository.
> >>>
> >>> I've just begun reading - primarily Wikipedia articles and some links
> >>> from them.  My primary question is "What should I be reading?" in order
> >>> to ask appropriate questions.
> >>> [SNIP]
> >>
> >> Considering using either WiFi or Bluetooth.
> >> What should I read to know "lay of the land"?
> >>
> > 
> > This message. If your goal is to transfer files, use ethernet or wifi, in
> > that order of preference. Full stop.
> 
> Just to clarify terms: both wired and wifi (wireless) are "ethernet".
> You can also do "ethernet" via bluetooth (only if desperate IMHO).

Wait a minute here, I have to speak to some errors....

Ethernet is a link layer physical protocol specified
formally as ieee 802.3.  wifi is NOT ethernet, it
is wireless, also specified by another group 802.11. You may
carry "ethernet frames" in other link layer technology,
but that does not make them ethernet.

Many of the link layer (layer 2) technlogies reuse the
ethernet MAC address format, but again, that is just
borrowing a part of technology and does not make them
"ethernet".

> ethernet = network tchnology, typically using TCP/IP over twisted pair
>            RJ45 connections

ethernet = a physical link layer specification (layer 2) that may
use twised pair to RJ45, coax, fiber optics, used to carry
all sorts of layer 3 protocols (TCP/IP being but 1).  Most
formally specified as 802.3.
 
> wired, wifi = physical network connection hardware

Not right, but not totally wrong.  Wi-Fi is technically a branding
logo used by vendors of 802.11 radio hardware.  Wired is usually
in reference to wire, but can also mean optical cable.  The
more correct terminology is wired vs wireless.

> 
> Thus, if you do not what to do "Ethernet" then you are back to
> sneakernet.  You also did not explain why a wired configuration is not
> suitable. If the systems are withing 6 feet of each other, wired
> networking is the easiest ad most reliable method.
> 
> The most secure is to use wired ethernet TCP/IP.
Ethernet is always wired so redundant here, TCP/IP is a transport layer
so should be stated as "with TCP/IP" or some other joining word,
or probably as "TCP/IP over ethernet".

And to raise the security I could say "The more secure is to use
ipsec encrypted TCP/IP over ethernet."  The use of the 2 words
"most secure" is subjective.

> The software already
> exists in all linux distributions in the base installation. Most (99%)
> wired ethernet chipset drivers are already present in the linux kernel.
> It is easy to set up a peer to peer networking on a 2+ systems via some
> cable, a switch and fixed IP addresses and /etc/hosts files.
> 
> "wifi" or 802.11[a,b,g,n,ac] is just wired ethernet without the wires.

Not correct, ethernet (802.3) vs 802.11 are very different link layers with
very different implementations far beyind the wired vs wireless issue.

802.11 actually uses a very complicated link layer that has
added things like collision avoidance (non existant in ethernet),
in its current 802.11ac form I would say it is 2, almost 3 orders
of magnitude more complex than ethernet, and also almost that many
orders more fragile.

> it is more complex to configure. Wifi depends on the vagaries of wifi
> chipset drivers - some are in the kernel, some are binary blobs, not all
> work as well as they should.  Setting up security can alos be
> problematic between different chipsets.   IMO, Broadcom sucks,
> Qualcom/atheros and intel are good.  Recommended only if running wires
> is not feasible or for phones/tablets.

Personally I am fine with Broadcom, your milage may very, and
actually have more issues with Intel nics than any other, but
then I probably deal with a different base of platforms.

I do concur on the use wires before wireless if at all possible.

> 
> Bluetooth is good for keyboards, mice, headsets, but needs special (not
> all laptops have it) hardware and drivers not always present in the
> Linux kernel, and can be a pain to set up. it is also extremely
> insecure.  Not recommended.
> 
> Personally, I crawled under the house and ran wire: CAT 6/5e for 1 Gbps
> from office to living and bed rooms. No way for anyone to "sniff" my
> packets until they leave the cable modem.

I would be careful with that absolute statement, all electrical signals
in wires emit radio waves :-)  But I doubt the issue here has those
level of security concerns.

> 
> Since you are on Debian, why are you poking around Wikipedia?  Debian is
> the second oldest linux distribution and has a large documentation
> collection:
> 
> https://www.debian.org/doc/manuals/debian-reference/ch05
> https://wiki.debian.org/NetworkConfiguration
> https://wiki.debian.org/Network
> https://wiki.debian.org/DebianLAN
> https://wiki.debian.org/WiFi
> https://debian-handbook.info/browse/stable/sect.network-config.html
> 
> -Ed
> 
> 
-- End of PGP section, PGP failed!

:-)  This message may or may not be secured :-)


-- 
Rod Grimes                                                 rgrimes at freebsd.org



More information about the PLUG mailing list