The UK Home Automation Archive

Archive Home
Group Home
Search Archive


Advanced Search

The UKHA-ARCHIVE IS CEASING OPERATIONS 31 DEC 2024


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Wireless transfer rates.


  • To: ukha_d@xxxxxxx
  • Subject: Re: Wireless transfer rates.
  • From: "mark_harrison_uk2" <mph@xxxxxxx>
  • Date: Thu, 12 Jun 2003 15:06:54 -0000
  • Mailing-list: list ukha_d@xxxxxxx; contact ukha_d-owner@xxxxxxx
  • Reply-to: ukha_d@xxxxxxx

Security's a trade off between absolute security, convenience, and
cost.

To start at the easiest to use / cheapest / least secure, and move
upwards:

1: No WEP, non-hidden network name.

No security at all. Not even a little bit. About the only thing to do
is live in a big house with a long driveway, and not allow anyone
with a computer to drive up to your house :-)

2: No WEP, hidden network name.

Prevents access from the "fiendly stumbler" - ie the well-meaning
person who might happen to have a wireless card-enabled PC on him,
but isn't actively looking to get onto your network.

3: WEP

Protects against the person who's looking for networks he can access
immediately. Not proof against someone who's looking to hack into
you, who will snoop your traffic, and then crack your WEP keys.

4: WEP, locked-down MAC addresses

Protects against the unsophisticated hacker. Equally crackable by
someone with a fast laptop who knows what he's doing as 3. MAC
addresses are spoofable.

5: Firewall clients on each wireless PC

Pretty damn near state of the art! You need, however, something to
sit between your wireless access point and the rest of your network.
Whether you call that something a "firewall" a "bridghead
server" or
a "VPN concentrator" is more a matter of vendor choice and
material
difference to the security you'll get :-)

I have two wireless networks at home. A "level 1" network that
shares
Internet access, and a "level 4" network that gets access to my
servers. I also publish my shared internet access network on consume.
This means that most "honest" hackers will simply use the
internet
access, and hopefully choose to honour the privacy of my secure
network that gives access to my house.

Of course, in order to do this, I have to have a fairly high-end
firewall. But given I make a living doing infrastructure consultancy,
I got given one my a client :-)

Regards,

Mark

--- In ukha_d@xxxxxxx, "Paul" <p-gale@b...> wrote:
> The reason I asked (and hi-jacked the thread ;)  )  was for that
very reason - to stop my neighbours and any one else getting ANY kind
of access to my network. ????????
>
> Paul.
>
>
>
> -----Original Message-----
> From: Chris Bond [mailto:chris@xxxxxxx...]
> Sent: 12 June 2003 13:54
> To: ukha_d@xxxxxxx
> Subject: Re: [ukha_d] Wireless transfer rates.
>
>
>
> > No, you retain your existing network infrastructure (even the
Internet)
> > but run the appropriate VPN software at both ends to handle the
> > authentication and encryption.
>
> Only problem then though is if people come of the sreet onto your
wifi and
> you have a router with broadband - away they go if they know what
there
> doing.  VPN will allow encrypt the local traffic - less im missing
> something.....
>
> Kind Regards,
> Chris Bond
>
>
>
>
>
>
> Yahoo! Groups Sponsor
>
>
>
> ADVERTISEMENT
>
<http://rd.yahoo.com/M=254369.3358735.4715258.1456760/D=egroupweb/S=17
05041992:HM/A=1627004/R=0/SIG=1301m0j0i/*http:/www.deere.com/en_US/hom
eowners/specialoffers/0_0_0_yahoo.html?refsite=yahoo&banner=LREC>
click here
>
>
>   <http://us.adserver.yahoo.com/l?
M=254369.3358735.4715258.1456760/D=egroupmail/S=:HM/A=1627004/rand=636
883142>
>
>
> ** UKHA2004 BE THERE! ** - start planning now.
>
> http://www.automatedhome.co.uk
> Post message: ukha_d@xxxxxxx
> Subscribe:  ukha_d-subscribe@xxxxxxx
> Unsubscribe:  ukha_d-unsubscribe@xxxxxxx
> List owner:  ukha_d-owner@xxxxxxx
>
> Your use of Yahoo! Groups is subject to the Yahoo!
<http://docs.yahoo.com/info/terms/>
 Terms of Service.
>
>
>
> [Non-text portions of this message have been removed]



Home | Main Index | Thread Index

Comments to the Webmaster are always welcomed, please use this contact form . Note that as this site is a mailing list archive, the Webmaster has no control over the contents of the messages. Comments about message content should be directed to the relevant mailing list.