Number of wireless clients per WRT54GL?
Kurt Granroth
kurt+plug-discuss at granroth.com
Sat Sep 8 12:43:07 MST 2007
Bill Lindley wrote:
> Alan Dayley wrote:
>> The clients would be doing "office" stuff like file sharing,
>
> I'd be concerned about file sharing over a wireless network, because of
> the potential of corruption when airplanes fly overhead, and because
> anyone within a few hundred feet will be able to penetrate wireless
> networks even when allegedly 'secured.' At the least, do you want some
> kid in the parking lot using the office SMTP server to send spam,
> leading to the ISP shutting down the connection?
I can't say I've ever heard of airplanes flying overhead causing
problems. Can you explain what's going on there? Corruption shouldn't
be an issue either since TCP/IP is pretty good about dealing with
dropped and/or corrupted packets.
Wireless security isn't quite as bad as it used to be. Some are
actually quite secure. Here's a quick run-down:
WEP - Completely broken. It's worth using only to keep out the
ultra-casual sniffers or browsers.
WPA-PSK (Pre shared key) - Good! It's secure enough that the only real
way to crack in is a brute dictionary approach on the shared password.
It's probably easier to do social engineering to get the password.
WPA2-PSK (with AES) - Even better. Still can be beat by having easy to
guess passwords, though.
WPA2-RADIUS - Great! Needs a central Radius server (can be done via
FreeRADIUS). This is strong enough that the computation to crack it is
completely unfeasible. The only real way to crack it is via a rubber
hose attack (i.e., "give me the cert or I'll beat you over the head with
this rubber hose).
If you are ultra paranoid, then you can go a step farther and use a VPN
method. This way, you'd leave the access point wide open (no
encryption) but the only host (may be the access point itself) that can
be accessed is a VPN gateway. Any computer could get on the wireless
network, but they couldn't actually *do* anything unless they
authenticate with the VPN. Routers like the Linksys WRT54G can be setup
to have OpenVPN running directly on the router itself.
> Physical connections will always offer higher speeds and better security.
True!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20070908/d06834f1/attachment.pgp
More information about the PLUG-discuss
mailing list