Re: Number of wireless clients per WRT54GL?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M+\MMichael Sammartano at <-
MMMMKurt Granroth at ->
Attachments:
Message as email
+ (text/plain)
+ signature.asc (application/pgp-signature)
+ (text/plain)
Delete this message
Reply to this message
Author: Kurt Granroth
Date:  
To: Main PLUG discussion list
Subject: Re: Number of wireless clients per WRT54GL?
Bill Lindley wrote:
> Alan Dayley wrote:
>> The clients would be doing "office" stuff like file sharing,
>
> I'd be concerned about file sharing over a wireless network, because of
> the potential of corruption when airplanes fly overhead, and because
> anyone within a few hundred feet will be able to penetrate wireless
> networks even when allegedly 'secured.' At the least, do you want some
> kid in the parking lot using the office SMTP server to send spam,
> leading to the ISP shutting down the connection?

I can't say I've ever heard of airplanes flying overhead causing
problems. Can you explain what's going on there? Corruption shouldn't
be an issue either since TCP/IP is pretty good about dealing with
dropped and/or corrupted packets.

Wireless security isn't quite as bad as it used to be. Some are
actually quite secure. Here's a quick run-down:

WEP - Completely broken. It's worth using only to keep out the
ultra-casual sniffers or browsers.

WPA-PSK (Pre shared key) - Good! It's secure enough that the only real
way to crack in is a brute dictionary approach on the shared password.
It's probably easier to do social engineering to get the password.

WPA2-PSK (with AES) - Even better. Still can be beat by having easy to
guess passwords, though.

WPA2-RADIUS - Great! Needs a central Radius server (can be done via
FreeRADIUS). This is strong enough that the computation to crack it is
completely unfeasible. The only real way to crack it is via a rubber
hose attack (i.e., "give me the cert or I'll beat you over the head with
this rubber hose).

If you are ultra paranoid, then you can go a step farther and use a VPN
method. This way, you'd leave the access point wide open (no
encryption) but the only host (may be the access point itself) that can
be accessed is a VPN gateway. Any computer could get on the wireless
network, but they couldn't actually *do* anything unless they
authenticate with the VPN. Routers like the Linksys WRT54G can be setup
to have OpenVPN running directly on the router itself.

> Physical connections will always offer higher speeds and better security.

True!

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: Number of wireless clients per WRT54GL?Re: Number of wireless clients per WRT54GL?->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)