From: Doug Rabson
To: Brian Feldman
cc: Bill Paul
cc: freebsd-current@FreeBSD.ORG
Date: Tue, 1 Jun 2004 09:16:51 +0100
Subject: Re: Project Evil APs

On Tuesday 01 June 2004 00:17, Brian Feldman wrote:
> On Mon, May 31, 2004 at 09:48:55AM +0100, Doug Rabson wrote:
> > On Sunday 30 May 2004 20:06, Bill Paul wrote:
> > > > >
> > > > > You want to use ad-hoc mode. You don't want to bother me with
> > > > > silly questions about hostap mode because it doesn't really
> > > > > let you do anything you can't do with ad-hoc mode anyway. Use
> > > > > IPSec with ad-hoc mode and you'll probably get better
> > > > > security than any access point can give you in the first
> > > > > place.
> > > > >
> > > >
> > > > Probably. Only if I can get this silly little WinME laptop to
> > > > do ad-hoc as well though. The main reason for doing this is
> > > > that my AP died and my gf wants to use the laptop in the garden
> > > > :-).
> > >
> > > Did you... read the little booklet that came with the card in
> > > your gf's computer? Sometimes there's a special control panel
> > > snap-in or custom utility to configure the card. If not, go to
> > > the control panel, click "system" and look for the device
> > > manager. Select the wireless device and check for driver
> > > settings. You might be able to set ad-hoc mode there.
> >
> > I managed to find new drivers for the laptop's card and it works
> > fine now. Now I just have to put some kind of tunnelling thing
> > together (I guess pptp is the only option for WinMe) so that the
> > neighbours can't 'borrow' our service.
>
> Doing a Windows-style VPN is pretty darn easy on FreeBSD:
> 1. Install ports/net/poptop.
> 2. Set up pptpd.conf (pretty much just the remoteip and localip
>    options).
> 3. Set up ppp(8) with a "pptp" section, much like the following:
> pptp:
>  set timeout 0
>  set log phase chat connect lcp ipcp command
>  enable MSCHAPv2
>  enable mppe
>  set mppe 128 stateful
>  disable deflate pred1
>  deny deflate pred1
>  accept dns
>  enable dns
>  set ifaddr localip range ...
> 4. After modifying ppp.conf, add appropriate users to ppp.secret.

I ended up using mpd from ports/net/mpd instead - it works very nicely.
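
Added example, not part of the original thread or of any project mentioned in it: a small check that a ppp.conf section still carries the authentication and encryption directives from the quoted "pptp:" section, so an edit that silently drops MPPE is caught before the tunnel goes live. The function names, the REQUIRED list and both sample configurations are constructed for this illustration.

```python
import re

# Directives from the quoted "pptp:" section that the tunnel's
# authentication (MSCHAPv2) and encryption (128-bit MPPE) rest on.
REQUIRED = ("enable mschapv2", "enable mppe", "set mppe 128 stateful")

# Constructed samples. The elided "set ifaddr" line is left out.
SAMPLE_OK = """\
pptp:
 set timeout 0
 enable MSCHAPv2
 enable mppe
 set mppe 128 stateful   # strongest key length only
 disable deflate pred1
"""
SAMPLE_WEAK = """\
pptp:
 set timeout 0
 enable MSCHAPv2
 set mppe 40 stateless
"""

def parse_sections(text):
    """Map each ppp.conf label to its commands, whitespace-normalised."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()   # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():
            # A label starts in column 0 and ends with a colon.
            m = re.match(r"([^\s:]+):$", line)
            current = m.group(1) if m else None
            if current is not None:
                sections.setdefault(current, [])
        elif current is not None:
            # Lower-casing is a choice of this example, not of ppp(8).
            sections[current].append(" ".join(line.split()).lower())
    return sections

def missing_directives(text, label="pptp"):
    """Required directives absent from `label`; None if the label is absent."""
    sections = parse_sections(text)
    if label not in sections:
        return None
    return [d for d in REQUIRED if d not in sections[label]]

if __name__ == "__main__":
    for name, conf in (("ok", SAMPLE_OK), ("weak", SAMPLE_WEAK)):
        print(name, missing_directives(conf))
```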