Securing a wireless network (theory)

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #69,115 by inthane-chan 12/16/02 11:24:50 AM Reply	Securing a wireless network (theory) One of my coworkers suggested that the best way to secure a wireless network would be to drop a xBSD box as a firewall on the other side of the wireless connection, then treat everything on the wireless side as hostile, then VPN to the BSD box. Any thoughts? Comments? Large flaming bovines? If this works, I might consider it... Gimli's Rules for Surviving in Middle Earth #43: When attempting to destroy an artifact, remember to use somebody else's axe.
Post #69,165 by boxley 12/16/02 4:06:08 PM Reply	vpn or ssh and treat all external networks as insecure will work for cash and other incentives [link\|http://home.tampabay.rr.com/boxley/resume/Resume.html\|skill set] You think that you can trust the government to look after your rights? ask an Indian
Post #69,174 by folkert 12/16/02 4:25:54 PM Reply	Yes... Treat Wireless... Treat the Wireless LAN as another "Internet" or Public interface. Best way to handle this IMO. `[link\|mailto:curley95@attbi.com\|greg] - Grand-Master Artist in IT [link\|http://www.iwethey.org/ed_curry/\|REMEMBER ED CURRY!!!]` Your friendly Geheime Staatspolizei reminds: [link\|http://www.wired.com/news/wireless/0,1382,56742,00.html\|Wi-Fi enabled device use] comes with an all inclusive free trip to the (county)Photographer! Overbooking, is a problem, please be prepared for "room-ies". Why You ask? Here is the answer to your query: `SELECT * FROM politicians WHERE iq > 40 OR \\ WHERE ego < 1048575; 0 rows found`
Post #69,188 by kmself 12/16/02 5:14:14 PM Reply	Treat networks as insecure. Use secure protocols. Repeating what others have said, and suggesting that this be your general rule in any event. Networks should be considered hostile. Secure your individual connections. \r\n\r\n Note that with WiFi you've got an additional concern over simple snooping. If you want to restrict unauthorized access to the service, you should consider options for doing this. Using authenticating proxies for external access, and firewalling off any protocols you don't explicitly want to support, should turn most of the trick. \r\n --\r\n Karsten M. Self [link\|mailto:kmself@ix.netcom.com\|kmself@ix.netcom.com]\r\n [link\|http://kmself.home.netcom.com/\|http://kmself.home.netcom.com/]\r\n What part of "gestalt" don't you understand?\r\n [link\|http://twiki.iwethey.org/twiki/bin/view/Main/\|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever.\r\n \r\n Keep software free. Oppose the CBDTPA. Kill S.2048 dead.\r\n[link\|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html\|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html]\r\n
Post #69,196 by inthane-chan 12/16/02 5:42:52 PM Reply	That's pretty much what the idea is, AFAIK. Shut off every service except for VPN/SSH, use pregenerated key pairs for authentication (4096 bit keys? Longer?) and anybody who jumps on the network gets a connection that goes nowhere. If you have a key, you VPN to 192.168.0.1, and voila! you're internal again. Gimli's Rules for Surviving in Middle Earth #43: When attempting to destroy an artifact, remember to use somebody else's axe.

Securing a wireless network (theory) - (inthane-chan) - (4) - Dec. 16, 2002, 11:24:50 AM EST

vpn or ssh and treat all external networks as insecure -NT - (boxley) - Dec. 16, 2002, 04:06:08 PM EST

Yes... Treat Wireless... - (folkert) - Dec. 16, 2002, 04:25:54 PM EST

Treat networks as insecure. Use secure protocols. - (kmself) - (1) - Dec. 16, 2002, 05:14:14 PM EST

That's pretty much what the idea is, AFAIK. - (inthane-chan) - Dec. 16, 2002, 05:42:52 PM EST

iwethey.org

Hey... Pong. My parents played this game.
67 ms