[TriLUG] wireless security

Andrew Perrin clists at perrin.socsci.unc.edu
Fri Aug 20 11:28:01 EDT 2004


Welcome! My own thought is that I would use a plain WAP for the wireless
itself -- makes life easier to separate that out -- and then an iptables
box to route in and out.  If you will also have wired connections to the
server, I would recommend using three ethernet cards in the routing box:
one to the outside world, one to the WAP, and one to wired clients. That
way anything coming in on the wired card can be issued an address, while
requests coming in from the WAP can be treated with more suspicion.

ap

----------------------------------------------------------------------
Andrew J Perrin - http://www.unc.edu/~aperrin
Assistant Professor of Sociology, U of North Carolina, Chapel Hill
clists at perrin.socsci.unc.edu * andrew_perrin (at) unc.edu


On Thu, 19 Aug 2004, Jeremy West wrote:

> Hello friends.
>
> I just moved in from Utah, and I've heard about this awesome LUG here.  So in
> the spirit of keeping it awesome.  I have a few questions.  I ask the other
> one in another thread though.
>
> Situation:  I'm installing wireless internet access for a building in the NC
> State campus area.  The owners are concerned about security (obviously).  Now
> I can do the whole WEP thing, some mac authentication, and NAT'ing magic.
> But... is there a better way?  I'll working on a limited budget.
>
> Would it be easier to setup the server as a wireless access point, or use a
> blackbox (linksys senario)?
>
> Just some food for thought
>
> Thanks
>
> Jeremy West
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>



More information about the TriLUG mailing list