Date: Tue, 23 Dec 2008 11:48:24 +0100 From: Roland Smith <rsmith@xs4all.nl> To: Nerius Landys <nlandys@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Wireless router? Message-ID: <20081223104824.GA56833@slackbox.xs4all.nl> In-Reply-To: <560f92640812221631l777631eaga00687a7e3dafe77@mail.gmail.com> References: <560f92640812221349y683a7cbhce8ae0f22a8bedf0@mail.gmail.com> <4950245D.5090006@telia.com> <49502764.10405@sequestered.net> <560f92640812221631l777631eaga00687a7e3dafe77@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--bg08WKrSYDhXBjb5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Dec 22, 2008 at 04:31:56PM -0800, Nerius Landys wrote: > Thank you all for your suggestions. This will be a project for me > over the holidays. I decided to go the standalone wireless router > approach. That's probably the easiest way. > I already have. Also I don't know too much about security, like how > to prevent eavesdroppers from connecting to my internal network. There are some things you could do. =20 - Use WPA2 if available or else at least WPA [http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access]=20 - When using WPA with pre-shared keys, use long and random generated pre-shared keys. And change them often. - You can turn off the broadcasting of the SSID=20 [http://en.wikipedia.org/wiki/SSID] to discourage casual snooping.=20 This will not deter a determined attacker, however. - If you are using the pf(4) firewall you could use authpf(8) as an additional security measure. [http://www.openbsd.org/faq/pf/authpf.html] It requires users to log in via ssh(8) and alters the firewall rules as long as the ssh session exists. This requires that the user must have additional authentication in the form of passwords or ssh keys in order to use the network. It provides an additional layer of access contr= ol. Roland --=20 R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) --bg08WKrSYDhXBjb5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAklQwfgACgkQEnfvsMMhpyXIbQCaAlUEfbRmqNhxCJutKAwIJxw6 XXEAmQH8Inb/dZQFHv8FJxsRF8xx+4ap =a4nX -----END PGP SIGNATURE----- --bg08WKrSYDhXBjb5--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081223104824.GA56833>