Nerius Landys skrev:
Thank you all for your suggestions.  This will be a project for me
over the holidays.  I decided to go the standalone wireless router
approach.  I will need to figure out how to configure my standalone
wireless router to "pass everything through" to the internal LAN that
I already have.  Also I don't know too much about security, like how
to prevent eavesdroppers from connecting to my internal network.  One
of you mentioned access lists, and I assume that means I tell the
wireless router which MAC addresses it accepts, and nothing else.  Is
there any other way to provide security?  Like a password-protected
network?  What are the buzzwords for these security schemes?  Which
security scheme do you recommend for preventing random people within
proximity from connecting to my internal netowrk?
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


------------------------------------------------------------------------


No virus found in this incoming message.
Checked by AVG - http://www.avg.com Version: 8.0.176 / Virus Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23


Hello again Nerius,

You have understood the MAC filtering correctly. You should also encrypt the wifi traffic by using at least WPA encryption. For most wifi routers this is a checkbox and a key or a passphrase that you enter. All clients that wants access and have their MAC address in the access list will have to enter the passphrase/key on the first connect.

This means that you control the MAC address list - all new wifi devices that wants to connect to your wifi LAN needs to get added to the MAC access list - manually by you. You also control the encryption passphrase - all wifi clients that wants to connect to your wifi LAN need to know the encryption passphrase. If you use WPA for encryption you will have a higher degree of security than using the old and hackable WEP.

Of course both the MAC list and the encryption key/passphrase are stored in the wifi router - so if you don't set a proper password for admin access to this one - all is lost. You should disable wireless access for admin (remote management) to it - only allow cabled access and use a good strong password.

Buzzwords? I dunno - I hope people on the mailing list help me out here... Is there a better/simpler way of doing this?

Greetings

/Roger

For a good laugh ... Enjoy Jason Dixons presentations from the BSDcon on http://www.youtube.com/watch?v=g7tvI6JCXD0&feature=channel_page or http://www.youtube.com/watch?v=mMmbjJI5su0&feature=channel_page




_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to