Re: affordable wireless
Brad, We can agree that the 40 bit stuff is not worth the trouble. My 128 bit Lucent card says "128-bit RC-4 encryption". Last I heard, RC-4 was not considered a "safe" algorithm. Also, in any multi-user environment, the secret must be too public. (I believe that when I know something, it's secure. When I tell someone, it's secret. When someone else is told, it's public.) Using an encrypted link is fine, but I worry that people will believe far too much in its security. (Especially when they see "128-bit".) If I'm wrong and it is 3DES, never mind! But still use ssh whenever possible. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: affordable wireless
At 9:11 AM -0700 2000/9/5, Kevin Oberman wrote: > Even at 128 bits, WEP encryption is, at best, rather weak. The right > answer is to use strong encryption for everything. If I'm not mistaken, this is actually using Triple DES at 128 bits, so this is still decently strong. The problem is that the normal WEP key is only 40 bits long, which we know can be cracked in a matter of only a few seconds. > OpenSSH is now a standard part of FreeBSD. Use it and stop sending > clear passwords over the net. Then you don't care about the security > of the link, only the end nodes. OpenSSH is good, and I certainly use it (and other ssh products) where possible. However, it is not a panacea, it cannot be used everywhere, and if you can enable additional encryption at the link level, then you should certainly do that. -- These are my opinions -- not to be taken as official Skynet policy == Brad Knowles, <[EMAIL PROTECTED]>|| Belgacom Skynet SA/NV Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124 Phone/Fax: +32-2-706.13.11/12.49 || B-1140 Brussels http://www.skynet.be || Belgium "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: affordable wireless
> "KO" == Kevin Oberman <[EMAIL PROTECTED]> writes: KO> OpenSSH is now a standard part of FreeBSD. Use it and stop sending KO> clear passwords over the net. Then you don't care about the security KO> of the link, only the end nodes. But without encryption, anyone can talk to your base station. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: affordable wireless
"Kevin Oberman" <[EMAIL PROTECTED]> wrote: > Even at 128 bits, WEP encryption is, at best, rather weak. The right > answer is to use strong encryption for everything. > > OpenSSH is now a standard part of FreeBSD. Use it and stop sending > clear passwords over the net. Then you don't care about the security > of the link, only the end nodes. Very true. If people want to know why, see: http://mail-index.netbsd.org/tech-net/2000/02/04/0001.html -- Darryl Okahata [EMAIL PROTECTED] DISCLAIMER: this message is the author's personal opinion and does not constitute the support, opinion, or policy of Agilent Technologies, or of the little green men that have been following him all day. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: affordable wireless
"Sameer R. Manek" <[EMAIL PROTECTED]> wrote: > Does anyone have any suggestions on how to have 802.11 wireless for home > users? Naturally it should be supported by FreeBSD. Configuruation can be > done on any pc os though. > > My only affordable solution so far is to use the Apple AirPort base station, > and wavelan pcmcia cards, but I don't know if they can co-exist, and the > AirPort needs a Macintosh to configure. My idea of affordable for this is > less then $500, the lucent wavelan solution works out to about $900 startup, > that's a little out of my budget. Just to let everyone know: I should be getting a TechWorks (Buffalo) AirStation in the next couple of days, and I'll be adding it to my FreeBSD Wireless documentation. A co-worker got one, and we played with it briefly; it doesn't look too bad. It's an actual base station (does not work in ad-hoc mode). I don't know if it supports NAT/DHCP though, although bridging appears to work fine. Other comments: * Configuration is done via a web browser (bleah). * Only supports 40-bit encryption. Don't know if it's like the AirPort when it comes to the 128-bit encryption upgrade, though. * Keys can be entered as hex (yes!). * The $279 model doesn't have a modem. With a modem, it's $299 (the same as the AirPort). * It works fine with my Lucent Orinoco (WaveLan) gold card (we didn't try enabling encryption, though). -- Darryl Okahata [EMAIL PROTECTED] DISCLAIMER: this message is the author's personal opinion and does not constitute the support, opinion, or policy of Agilent Technologies, or of the little green men that have been following him all day. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: affordable wireless
Even at 128 bits, WEP encryption is, at best, rather weak. The right answer is to use strong encryption for everything. OpenSSH is now a standard part of FreeBSD. Use it and stop sending clear passwords over the net. Then you don't care about the security of the link, only the end nodes. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
