From owner-freebsd-questions@FreeBSD.ORG Tue Dec 23 01:32:34 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1C56C106564A for ; Tue, 23 Dec 2008 01:32:34 +0000 (UTC) (envelope-from lists@sequestered.net) Received: from alcatraz.sequestered.net (alcatraz.sequestered.net [24.199.11.2]) by mx1.freebsd.org (Postfix) with ESMTP id 655408FC13 for ; Tue, 23 Dec 2008 01:32:33 +0000 (UTC) (envelope-from lists@sequestered.net) Received: from Singularity.dyn.wh.reachlocal.com (rrcs-67-52-96-162.west.biz.rr.com [67.52.96.162]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jay@sequestered.net) by alcatraz.sequestered.net (Postfix) with ESMTPSA id 5B734680C4; Mon, 22 Dec 2008 17:31:46 -0800 (PST) Message-ID: <49503F7D.8060805@sequestered.net> Date: Mon, 22 Dec 2008 17:31:41 -0800 From: Corey Chandler User-Agent: Thunderbird 2.0.0.18 (Macintosh/20081105) MIME-Version: 1.0 To: Nerius Landys References: <560f92640812221349y683a7cbhce8ae0f22a8bedf0@mail.gmail.com> <4950245D.5090006@telia.com> <49502764.10405@sequestered.net> <560f92640812221631l777631eaga00687a7e3dafe77@mail.gmail.com> In-Reply-To: <560f92640812221631l777631eaga00687a7e3dafe77@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SEQUESTERED-NET-MailScanner-Watermark: 1230600710.63066@SY80Vuvcxabr1hbw6g72ig X-SEQUESTERED-NET-MailScanner-Information: Please contact Sequestered.net support for more information X-MailScanner-ID: 5B734680C4.813B5 X-SEQUESTERED-NET-MailScanner: Found to be clean X-SEQUESTERED-NET-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=0, required 6, autolearn=not spam) X-SEQUESTERED-NET-MailScanner-From: lists@sequestered.net X-Spam-Status: No Cc: freebsd-questions@freebsd.org Subject: Re: Wireless router? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Dec 2008 01:32:34 -0000 Nerius Landys wrote: > Thank you all for your suggestions. This will be a project for me > over the holidays. I decided to go the standalone wireless router > approach. Good man! > I will need to figure out how to configure my standalone > wireless router to "pass everything through" to the internal LAN that > I already have. It's called "Bridge mode" on most APs-- it does exactly what you describe. Just make sure things like "DHCP server" are turned off or you'll see some... odd breakages. > Also I don't know too much about security, like how > to prevent eavesdroppers from connecting to my internal network. One > of you mentioned access lists, and I assume that means I tell the > wireless router which MAC addresses it accepts, and nothing else. Ugh. MAC addresses are trivial to spoof-- I usually don't bother with using them for security, although I do use 'em to ensure that particular machines always inherit particular addresses. > Is there any other way to provide security? Like a password-protected > network? What are the buzzwords for these security schemes? Which > security scheme do you recommend for preventing random people within > proximity from connecting to my internal netowrk? > Absolutely. Google for WPA or WPA2; WEP has been broken and is trivial to bruteforce, so I'd not bother with that. Once you get the unit in, feel free to email me off list for configuration questions; it sounds like a fun project! -- CJC