Re: securing OpenBSD wireless network

view
thread

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Christian Weisgerber <naddy@...>

To: <misc@...>

Subject: Re: securing OpenBSD wireless network

Date: Monday, November 19, 2007 - 6:55 pm

Marco S Hyman <marc@snafu.org> wrote:

quoted text> Very true.   The only time I consider turning on WEP is when I notice
> a neighbor is connecting to my net more often than not.  Yes, by accident.

And downloading his mail with unencrypted POP3 for all to see...

You can use IPsec to discourage that, too.  The pf configuration
on my home WLAN gateway passes *only* ISAKMP negotiation and ESP
packets from/to the gateway.  ESP packets that don't match an IPsec
association are dropped.  To get a valid IPsec association, a host
needs to sucessfully negotiate with isakmpd.  And for that it needs
to authenticate (host key or password).  Of course stations can
still talk on the WLAN itself, but neighbors tend to have little
interest in that niche use.

-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: securing OpenBSD wireless network, Christian Weisgerber, (Mon Nov 19, 6:55 pm)

Navigation

Mail archive search

Popular discussions


linux-kernel:
FUJITA Tomonori	Re: Integration of SCST in the mainstream Linux kernel
Arnd Bergmann	Re: [RFC][PATCH 1/4] checkpoint-restart: general infrastructure
Matthew Wilcox	Multiple MSI, take 3
Alok Kataria	Use CPUID to communicate with the hypervisor.
git:
Li Frank-B20596	why not TortoiseGit
Miklos Vajna	[rfc] git submodules howto
Linus Torvalds	Re: fatal: Out of memory, malloc failed
lukass	[RFC] Convert builin-mailinfo.c to use The Better String Library.
linux-netdev:
Evgeniy Polyakov	[resend take 2 0/4] Distributed storage.
Wenji Wu	A Linux TCP SACK Question
Marcel Holtmann	Bluetooth fixes for 2.6.27
David Miller	Re: [GIT PULL] [IPV6] COMPAT: Fix SSM applications on 64bit kernels.
openbsd-misc:
Chris	Prolific USB-Serial Controller
Nick Guenther	Re: how to clear dmesg outpout
Daniel Ouellet	identifying sparse files and get ride of them trick available?
Julien TOUCHE	setting up ssh tunnel/vpn

Latest forum posts


How can I see my kernel messages in vt12?	4 hours ago	Linux kernel
Why Windows is better than Linux	13 hours ago	Linux general
Grub	15 hours ago	Linux general
vmalloc_fault handling in x86_64	22 hours ago	Linux kernel
epoll_wait()ing on epoll FD	1 day ago	Linux kernel
Framebuffer in x86_64 causes problems to multiseat	1 day ago	Linux kernel
Difference between 2.4 and 2.6 regarding thread creation	1 day ago	Linux general
Netfilter kernel module	1 day ago	Linux kernel
Compiling gfs2 on kernel 2.6.27	1 day ago	Linux kernel
The lights are on but nobody's home	1 day ago	KernelTrap Suggestions and Feedback

Show all forums...

Recent Tags

more tags

Colocation donated by:

Online users

Syndicate