Once again I have to thank my brother, who supplies me with hardware, fast and cheap. This time he got me D-Link DWL-G520 wireless card (PCI). I plugged it into my home server (appologies for a few short downtimes), downloaded and installed madwifi drivers from ATrpms, and go immediately connected with my notebook. Everything works extremely well.
Now I have to think about securing the wireless network. Previously, I was thinking to ignore the issue due to the lack of competent neighbors, but when I scanned looked around and found as many as 4 wireless networks within my reach, I reconsidered.
The question now is which option to choose? WEP, WPA-PSK, VPN? I don’t want to spend a lot of time on this, and I have somewhat contradicting requirements - I want to easily provide network connectivity to my guests, but I don’t want every passer-by to use my connection. Hopefully, I’ll figure this all out before someone else will mess things up. (Hint for bad guys: please, stay away for some time).
13 responses so far ↓
1
Constantinos Kouloumbris
// Mar 24, 2006 at 6:45 am
For my home wifi network I use WPA2 Personal. I am also trying to do a VPN Server so that when I have to change things on the linux machine I’ll have to be in the network. But I can’t make it work. If I could I might change the WPA2 Personal to VPN Only.
I hope I didn’t confuse you more…
2
Leonid Mamchenkov
// Mar 24, 2006 at 9:51 am
LOL
:) 
3
Lev Shuvalov
// Mar 24, 2006 at 12:04 pm
You like China, do you? Therefor WAPI
4
Grigory
// Mar 24, 2006 at 1:29 pm
WEP is considered as very vulnerable.
Yes, it is better to use any WPA.
5
Leonid Mamchenkov
// Mar 24, 2006 at 2:06 pm
Lev,
Yes, indeed, I like China. But not that much!
P.S.: Interesting to note that my China loving post was written almost exactly a year ago.
6
Leonid Mamchenkov
// Mar 24, 2006 at 2:08 pm
Grigory,
And so I’ve heard.
Still, better than nothing, and might be just enough for the home network.
WPA is a pain to setup. Or at least it looks so from the first glance.
Maybe I should just leave everything as it is.
Just a thought.
7
Grigory
// Mar 27, 2006 at 12:51 pm
It’s up to you. But keep in mind following
WPA is considered to be more easy to configure then WPE. WPE rely on long hexadecimal string which needs to entered at each device. Some devices might support ASCII, but still not all. In WPA alphanumeric string is used. (May be you was confused with WPA Enterprise, which uses RADIUS server?)
With WEP - If somebody attacks your network he will probably succeed.
But WEP is supported by all cards while WPA is not supported by old cards.
Anyway check two thing:
See if WEP is enabled, as manufacturers like to disable it.
Change default passwords - it is first what bad guys try.
8
Leonid Mamchenkov
// Mar 28, 2006 at 12:06 am
Thanks Grigory, I’ll check it out.
By the way, something sounded confusing:
vs.
Aren’t hexadecimal strings a subset of alphanumeric ones?
Regarding:
The terminology is confusing indeed. I’ve read that WPA requires a radius server, while WPA-PSK operates on fixed keys.
9
Grigory
// Mar 28, 2006 at 8:51 pm
Yes, my fault. It’s better to say in this way – WEP implementation of each device relay on manufacturer chosen subset, like hexadecimal string. So, connecting devices from different manufacturers may be confusing. WAP does not have such problem as it rely on alphanumeric one.
There are two WPA: WPA personal (WP-PSK) with, yes, fixed keys and WPA enterprise with RADIUS server, certificates and like this stuff.
Very easy to choose:)
10
Leonid Mamchenkov
// Mar 29, 2006 at 12:03 am
Thanks for the clearing of confusion.
11
Grigory
// Mar 29, 2006 at 11:59 am
Did You really understand what I tried to explain in English?:) By myself I hardly can understand that
12
Leonid Mamchenkov
// Mar 29, 2006 at 12:20 pm
I got it just fine.
13 Blog of Leonid Mamchenkov » Minimum security. You are welcome. // Apr 18, 2006 at 3:15 pm
[...] I am talking about the security of my home WiFi access point. It was wide open until now. And I am not going to spend a lot of time on locking it down. I am not going to use any encryption - not WEP, not WPA, nothing. It’s just not worth it. All my sensitive communications are already encrypted anyway (HTTPS and SSH). And I don’t care a bit beyond that. [...]
Leave a Comment