Wayne Stallwood wrote:
On Wednesday 19 February 2003 17:36, Craig wrote:
Can you actually prevent crackers from using your network?
Not really, the best you can do on any wireless network is make it as hard as possible.
You can setup wireless networks securely, but it takes alot of time a knowledge (neither of which I have much of at the moment ;). Using dynamic wep keys, EAP-TLS and client/server side certificates it is possible to have a secure connection.
128Bit WEP will deter all but the most dedicated, with decent kit you could also implement MAC lockdown (but then you would have to administer the addition of new interfaces)
yup...
At the gateway, run a proxy with authentication maybe. Depends on what you are worried about, if it's unauthorised people using your connection then these measures should do, but if you are worried about internet traffic being snooped then you really shouldn't be using the internet at all :o)
I believe the wireless hotspots in London have this arrangement, anybody can associate with the AP, but there is a proxy to conenct to the Internet... only a good solution if the proxy uses HTTPS to authenticate (for obvious reasons ;)
Do bear in mind though that WEP can really kill performance, more so in the case of multi hop networks (configuring WLAN APs as repeaters) Not a problem if you are running a AP to connect your laptop to your ADSL line, but in the case of building a larger network it may become an issue.
Also be careful with high gain antenna arrays, I'm pretty sure that there are Legal limitations regarding Effective Radiated Power for the 2.4GHz band. Regardless of the power output of your equipment if you attach a high gain antenna to it you could be causing other users of the same band some problems.
afaik this is correct, however if you purchase a wireless card where you can turn down the TX power you can attach a directional antenna and still be within the legal ERP limitations, although don't quote me on that ;)
Sz