[Novalug] best way to secure wireless?
Maxwell Spangler
maxpublic06 at maxwellspangler.com
Mon Nov 27 15:14:36 EST 2006
On Sun, 26 Nov 2006, gregory pryzby wrote:
> If someone wants to use my wireless, they are welcome to it.
>
> That said, I did decide to 'hide' the essid, so someone needs to know
> it to get online.
>
> So, tell me why this is a dumb thing to do.
The problem with wireless is that when you want to share and you want to be
secure, these two goals work against each other.
My solution is for one internet connection: setup two access points. I use
three router/firewalls:
The first is a firewall between the internet and my premesis. A single point
to manage the connection and firewall incoming traffic.
The second AP is an SSID broadcasting, completely unencrypted wireless on
channel "A". Guests can use this for whatever they like.
The third AP is not broadcasting its SSID and is encrypted using WEP (just
because it was easy to setup, I don't defend it against WPA, etc.) I use my
personal laptop with this network so that most people will overlook it and not
be able to easily see my traffic.
I can't tell you how much I appreciate people that open their wireless
networks. We do it at our restaurant and people do appreciate it, but at home
I have no telephone line or cable so no internet access. I'm surrounded by 10
to 12 networks that are WEP encrypted, but have no idea who is who in my
apartment complex..
When I move (in the next few days) and get broadband again, I'll definitely
open it . Monitor it, yes, but open it still.
--
-- ----------------------------------------------------------------------------
Maxwell Spangler
Chapel Hill, North Carolina
More information about the Novalug
mailing list