[olug] Wireless LAN - security

David Walker linux_user at grax.com
Fri Sep 28 20:27:26 UTC 2001


> we are in scramble mode attempting to find reasonable security augments for these LANs

I had envisioned a security solution when flaws were announced with
WEP.  I'd love some feedback on it.

Use the existing wireless network but without any routing. I.E. 
WirelessRouter1 gets IP 10.0.0.1 and WirelessMachine1 gets IP 10.0.0.10.
Then install a VPN server on the 10.0.0.0/24 network and set up an
encrypted secured VPN connection from WirelessMachine1 into your secured
network.

It's not extremely pretty but it does give you a choice of several VPN
solutions and varying encryption levels.


On Friday 28 September 2001 02:17 pm, you wrote:
> Different people are going to have different opinions as to what is or is
> not available and I hope that the dialogue has been informative.  This is
> my last contribution to the information flow.  802.16 addresses a number of
> offerings which already exist from many vendors who provide fixed wireless
> broadband access. These implementations are primarily for point to point
> implementations . The cost can go from very inexpensive to high priced
> depending upon the vendor and the features and functions which are
> provided.  It is certainly possible to use 802.11 as a standard for access.
>
> However, in my opinion there is a difference between using a transport
> medium for your own personal access versus something that you are providing
> to someone else on a commercial basis.  We have a number of 802.11
> implementations which are used for LANs and we are in scramble mode
> attempting to find reasonable security augments for these LANs.  Although I
> don't recommend using this as a commercial access method, I can
> legitimately see why others may have a different opinion.
>
> ---------------------------------------------------------------------------
>---------------------------------------------------------------- From:  Eric
> Subject:  Re: [olug] Wireless LAN
>
> http://wirelessman.org
>
> 802.16 is meant as a broadband connection like DSL or cable modems. The
> standard won't be finished until January 2002 at the earliest.  They
> have almost finished the MAC layer.  There are proprietary technologies
> that can do this type of thing but hte cost is very prohibitive.
> 802.16 is looking at 2 ranges of frequencies 2-11 GHz and 10-66 GHz.
> Why they overlap is beyond me right now.  802.11b is 11 Mbps at 2.4 GHz
> and 802.11a is 52 Mbps at 5 GHz.  I don't know what the proposed speeds
> are for 802.16.  They are trying to use the good parts of 802.11 in
> this standard though so the hardware can be quickly implemented and get
> to market.  I don't expect this to take off for another 3 years though
> since 802.11a is coming, unless security of the wireless infrastructure
> takes precendence or companies can start making a profit from
> broadband.
>
> Eric
> ---------------------------------------------------------------------------
>----------------------------------------------------------------- From: 
> Jerry
>
> I acknowledge the point that Eric makes and also need to provide a point of
> clarification.  Although I think of 802.11 as simply a mobile LAN, you are
> right  it can provide access to the Internet.  As far as 802.16 is
> concerned, it is my understanding that this simply is a collection of the
> fixed wireless technologies which are in place today and have been provided
> for years so there are commercial products that do exist at various
> frequencies.
>
> -----------------------------------------------------------------------
>
> From:
> Eric Penne
>
> To:   olug at bstc.net
> Subject:  Re: [olug] Wireless LAN
>
> I disagree that 802.11b is not the solution for high speed access.
> 802.11 is the only wireless standard that is feasible right now and for
> the next 2 years.  802.16 is still in draft and there is no hardware
> available.  802.11 is also supported in linux, has hardware available,
> and is getting cheaper.
>
> There are some security and freeloading problems but nothing that can't
> be overcome with some already available tools in linux.
>
> Eric Penne
>
> -----------------------------------------------------------------------
>
> From: Jerry
>
>
> I would suggest that wireless LANs such as those that meet the 802.11b
> or a
> standard can connect building or a campus but are not the solution for
> high
> speed access. That is what the 802.16 or fixed wireless access is
> about. If
> companies or landlords etc. in the area have sufficient interest in
> such
> solutions this is not a difficult thing to accomplish
>
> ------------------------------------------------------------------------
> From:  Eric
> Subject:  Re: [olug] Wireless LAN
>
> http://wirelessman.org
>
> 802.16 is meant as a broadband connection like DSL or cable modems. The
> standard won't be finished until January 2002 at the earliest.  They
> have almost finished the MAC layer.  There are proprietary technologies
> that can do this type of thing but hte cost is very prohibitive.
> 802.16 is looking at 2 ranges of frequencies 2-11 GHz and 10-66 GHz.
> Why they overlap is beyond me right now.  802.11b is 11 Mbps at 2.4 GHz
> and 802.11a is 52 Mbps at 5 GHz.  I don't know what the proposed speeds
> are for 802.16.  They are trying to use the good parts of 802.11 in
> this standard though so the hardware can be quickly implemented and get
> to market.  I don't expect this to take off for another 3 years though
> since 802.11a is coming, unless security of the wireless infrastructure
> takes precendence or companies can start making a profit from
> broadband.
>
> Eric
>
> ------------------------------------------------------------------------
>
> From:  Jerry
>
> I would suggest that wireless LANs such as those that meet the 802.11b or a
> standard can connect building or a campus but are not the solution for high
> speed access. That is what the 802.16 or fixed wireless access is about. If
> companies or landlords etc. in the area have sufficient interest in such
> solutions this is not a difficult thing to accomplish
>
>
>
>
> "Chad S. Lauritsen" <csl at perfectionlearning.com> on 09/22/2001 07:55:24 PM
> Subject:  [olug] Wireless LAN
>
>
> Hi,
>
> A while back there were some threads regarding 802.11 wireless networking.
> I
> have never played with it, but I had a question maybe some of you could
> answer.
>
> Would it be possible for an apartment landlord to use it to provide
> high-speed
> internet to tenants? (To avoid retrofitting Cat-V in the walls.)
> Specifically, can it travel through the walls reliably
> enough to a central router connected via, say T1 access? Or does it really
> have
> to have a _visually_ non-obstructed line-of-sight?
>
> Thanks,
> Chad

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

For help contact olug-help at bstc.net - run by ezmlm
to unsubscribe, send mail to olug-unsubscribe at bstc.net
or `mail olug-unsubscribe at bstc.net < /dev/null`
(c)2001 OLUG http://www.olug.org

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_




More information about the OLUG mailing list