On Mon, Feb 11, 2002 at 10:57:12PM -0800, Steve Lee said: > This is what i do at home. > i do have wireless, have dhcp setup. > however, dhcp is only setup to allow one machine to > connect, my laptop, with only my mac address, to bind. > so it only allows my computer to connect dhcp. > others are all static. i only use ssh, and of course > browse the web at home. > > what do you guys think. ? > > With wireless networks, some of the major risks are the ability for someone to "sniff" your wireless traffic and the ability for someone to "piggyback" off you internet connection.
To prevent sniffing, you can run the various encryption protocols provided by your access point, e.g. WEP. Although it has been shown that WEP is insecure and can be broken. Using ssh is definitely good as that will be secure. Browsing the web does leave you open, although SSL sites will give you some protection. Take note that checking your e-mail will give away your POP3 name/password unless you're using some form of secure authentication or tunneling your POP connection through SSH. Preventing "piggyback" is a bit more difficult. MAC addresses can be cloned, i.e. they can sniff your connection, get your MAC address and connect whenever you're not connected. So if you're not using your wireless connection, you may want to switch it off. I run a wireless network at home. I treat the whole wireless segment as an untrusted segment, i.e. same as the internet. I only allow outward http/https from the wireless network out into the internet (via the wireless router). For e-mail and usenet, I tunnel it through ssh. I have a linux machine as an internal firewall protecting the other linux and windows machines. Downside is that Windows Networking/Samba is not working (yet). I am aware of the risks but d@mn it, I like the convenience of being able to be online while in front of the TV, in the bedroom, in the yard, etc. Cheers, _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
