Date: Tue, 23 Dec 2008 14:31:43 +0100 From: Roger Olofsson <240olofsson@telia.com> To: Nerius Landys <nlandys@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Wireless router? Message-ID: <4950E83F.3070308@telia.com> In-Reply-To: <560f92640812221631l777631eaga00687a7e3dafe77@mail.gmail.com> References: <560f92640812221349y683a7cbhce8ae0f22a8bedf0@mail.gmail.com> <4950245D.5090006@telia.com> <49502764.10405@sequestered.net> <560f92640812221631l777631eaga00687a7e3dafe77@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nerius Landys skrev: > Thank you all for your suggestions. This will be a project for me > over the holidays. I decided to go the standalone wireless router > approach. I will need to figure out how to configure my standalone > wireless router to "pass everything through" to the internal LAN that > I already have. Also I don't know too much about security, like how > to prevent eavesdroppers from connecting to my internal network. One > of you mentioned access lists, and I assume that means I tell the > wireless router which MAC addresses it accepts, and nothing else. Is > there any other way to provide security? Like a password-protected > network? What are the buzzwords for these security schemes? Which > security scheme do you recommend for preventing random people within > proximity from connecting to my internal netowrk? > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.176 / Virus Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23 > Hello again Nerius, You have understood the MAC filtering correctly. You should also encrypt the wifi traffic by using at least WPA encryption. For most wifi routers this is a checkbox and a key or a passphrase that you enter. All clients that wants access and have their MAC address in the access list will have to enter the passphrase/key on the first connect. This means that you control the MAC address list - all new wifi devices that wants to connect to your wifi LAN needs to get added to the MAC access list - manually by you. You also control the encryption passphrase - all wifi clients that wants to connect to your wifi LAN need to know the encryption passphrase. If you use WPA for encryption you will have a higher degree of security than using the old and hackable WEP. Of course both the MAC list and the encryption key/passphrase are stored in the wifi router - so if you don't set a proper password for admin access to this one - all is lost. You should disable wireless access for admin (remote management) to it - only allow cabled access and use a good strong password. Buzzwords? I dunno - I hope people on the mailing list help me out here... Is there a better/simpler way of doing this? Greetings /Roger For a good laugh ... Enjoy Jason Dixons presentations from the BSDcon on http://www.youtube.com/watch?v=g7tvI6JCXD0&feature=channel_page or http://www.youtube.com/watch?v=mMmbjJI5su0&feature=channel_page
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4950E83F.3070308>