[lug] wireless points in Boulder
John Hernandez
John.Hernandez at noaa.gov
Wed Apr 10 17:48:06 MDT 2002
I know this is an older thread -- I saved the original message a while
back with the intention of replying sooner. In case anyone is
interested...
A while ago I stumbled across a way of deploying inherently insecure
wireless networks with at least a bit of confidence. Essentially, you
can use a Linux box as an "authentication gateway/router" to
compartmentalize potentially untrusted users at the network layer.
To WEP or not is essentially still the admins' and users' collective
decision, and is not directly related to the authentication issue
tackled here. Personally, I tend to rely strictly on end-to-end (ssh,
SSL) encryption for sensitive data, not trusting the intermediary
networks to do this for me.
One implementation of the wireless authentication gateway concept is
explained in this HOWTO:
http://www.ibiblio.org/pub/Linux/docs/HOWTO/Authentication-Gateway-HOWTO
It's certainly not perfect, but it has the benefit of adding depth to
perimeter defenses. The more I think about it, there are probably many
other innovative (and safer) ways to accomplish this goal using our
favorite OS ;)
Ferdinand Schmid wrote:
> The folks at Boulder labs did a nice presentation on wireless networks
> at yesterday's FRUUG meeting. Here is partial map of downtown boulder:
> http://www.boulderlabs.com/open-nets.html
>
> The fact that anyone can even spoof mac addresses using 802.11b is
> simply outrageous! Let alone the failed attempts for encryption. They
> don't even have the numer of bits for encryption right! Lucent's claim
> if 128 bit is really 104 bit - 64bit is really 40 bit...
>
> I had hopes for using this at our office a few years ago and completely
> dropped it - I only use it for direct access to the public Internet.
>
> Ferdinand
>
> "Scott A. Herod" wrote:
>
>>Apparently at a recent 2600 meeting in Boulder a list was
>>passed around with approx. 300 local open wireless points.
>>_______________________________________________
>>Web Page: http://lug.boulder.co.us
>>Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>
>
--
- John Hernandez - Network Engineer - 303-497-6392 -
| National Oceanic and Atmospheric Administration |
| Mailstop R/OM12. 325 Broadway, Boulder, CO 80305 |
----------------------------------------------------
More information about the LUG
mailing list