MAC-based authentication is a joke. All it takes is for someone to sniff traffic, then clone your mac(ifconfig ethX hw ether [...]).
The best way IMO to secure a small wireless network is with ipsec. You can do this very easily with freeswan and a good ipsec howto. Just create a encrypted/authenticated tunnel between your wireless machine and your router. On the router, set the policy of the wireless port to require encryption/auth. There are ofcourse other options...such as RADIUS... On Fri, Jan 10, 2003 at 11:56:13PM +0100, martin f krafft wrote: > i have a cheap-ass wireless access point which doesn't even do > MAC-based authentication, and neither can I get WEP64 to work between > it (Addtron AWS-110) and the Orinoco Silver card. > > I would like to have wireless in my appartment, but I need to prevent > folks on the street from linking into the network. The question is > how. I want to prevent them from using my internet connection just as > much as accessing local computers behind the firewall. > > Is there a tools that will send TCP resets to anything coming from an > unknown MAC address? this isn't 100% secure, but it's better than > nothing. Or is there a tool that uses a client program to establish > the identity of the host (like they have in some internet cafes to > prevent you from using the cables for laptops, even if you change the > MAC), and if someone connects without the client program, then s/he is > TCP reset for every packet sent? > > or is there a better solution? maybe someone can help me get WEP to > work... > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
