[TriLUG] Linksys Wireless Access Points

Turnpike Man turnpike420 at yahoo.com
Mon Jul 26 12:44:01 EDT 2004 

I also just implemented a Linksys WRT54G at home, however, it is currently
setup as an AP only, not as my Internet router; and learned quickly, thanks
Mike J. and a few other IRC regulars, that what I thought about 128bit WEP,
shared key, and mac filtering was not all it was cracked up to be.  I was
originally going to use this as my Internet router and not use iptables
anymore.  So anyway, using above said security settings I think ranks as due
diligence maybe, such that if someone did take the time to break into my
connection and use my Internet access for malicious purposes, I don't think I'd
harness the blame myself, at least not after initial finger pointing at me
anyway.

So the next thing about wifi is how paranoid are you?  Knowing what I know now,
I quickly realized I didn't want my wifi to have any connectivity to my LAN at
all.  With the help of Kevin O., I re-implemented iptables with a 3rd NIC,
setup for the WRT54G.  It routes 10.x.x.x for those 4 wired ports and its
802.11G/B wifi to the Internet only.  The 10.x.x.x cannot get to my internal
LAN at 192.168.x.x.  So at this point, if someone does decide to take the time
to crack my WEP, get past the mac filter via spoofing, etc, they'll only gain
Internet access and not access to my LAN.

>From here, if I want access to my LAN from my own wifi, I've only allowed SSH
so far.  If I wanted to use more services than that, I'd implement some kind of
secure VPN solution.

There is no particular reason I choose this model of Linksys over the
comparable Netgear model besides that I had already picked up a Linksys G/B
pcmcia card.

David M.


--- "David A. Cafaro" <dac at trilug.org> wrote:
> On Mon, 2004-07-26 at 10:55, Joseph Mack NA3T wrote:
> > I've pretty much had it with LinkSys WAP11s. I've had 3, they need power
> > cycling about every day to unhang them and then they die permanently.
> > 
> > How much money to you have to spend for a SOHO style WAP that will stay up
> > for months, years?
> > 
> > Thanks Joe
> 
> Not to much.  3 years ago I purchased a basic Netgear 802.11b router/WAP
> for a little over $150 (which was cheap for them 3 years ago).  It ran
> fine for 13 months, died, was quickly replaced under warranty (3 year
> warranty), and ran fine up until 2 months ago when I purchased a Linksys
> WRT54GS ($80) to replace it so that I could upgrade to 802.11G.  So far
> the Linksys router/WAP has run fine with no rebooting needed.  I would
> have gotten another Netgear, but I liked the idea of having the option
> of running a custom linux ROM on the linksys if I so desire.
> 
> 
> -David
> 
> -- 
> David A. Cafaro
> dac(at)cafaro.net
> Admin to User: "You did what!?!?!"
> 
> -- 
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
> 



		
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail

More information about the TriLUG mailing list