Wireless network (WEP security)

Chris MacDonald cgm-BjBj7/ohIX+w5LPnMra/2Q at public.gmane.org
Tue Sep 30 21:36:41 UTC 2003


On Tue, Sep 30, 2003 at 05:15:37PM -0400, Emir wrote:
> Don't rely on WEP by any means, in fact I'd suggest you turn it off because 
> it
> does nothing 'cept reducing throughput and causing silly disconnects.  Your
> real protection comes higher up on the TCP stack, as VPN, SSL, or SSH 
> tunnel.
> 
> The moment you introduce wireless access on your network, all your computers
> are exposed, which means don't rely on your Internet firewall, every machine
> needs to firewall itself (you can still keep your Internet firewall as an
> outer perimeter, but don't fall into false sense of security).

You might even want to drop another interface into your firewall and run
your wireless network off that. Then you can easily filter and monitor the
wireless seperately.

Still, as Emir notes, you need to protect each host seperately as they
become exposed through the wireless network. There's no excuse for not
keeping hosts patched and uptodate just because they're behind NAT now :P.

Or don't use wireless at all. What's wrong with cables?

-cgm.
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list