Nerius Landys skrev:
Thank you all for your suggestions.  This will be a project for me
over the holidays.  I decided to go the standalone wireless router
approach.  I will need to figure out how to configure my standalone
wireless router to "pass everything through" to the internal LAN that
I already have.  Also I don't know too much about security, like how
to prevent eavesdroppers from connecting to my internal network.  One
of you mentioned access lists, and I assume that means I tell the
wireless router which MAC addresses it accepts, and nothing else.  Is
there any other way to provide security?  Like a password-protected
network?  What are the buzzwords for these security schemes?  Which
security scheme do you recommend for preventing random people within
proximity from connecting to my internal netowrk?
_______________________________________________ mailing list
To unsubscribe, send any mail to ""


No virus found in this incoming message.
Checked by AVG - Version: 8.0.176 / Virus Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23

Hello again Nerius,

You have understood the MAC filtering correctly. You should also encrypt the wifi traffic by using at least WPA encryption. For most wifi routers this is a checkbox and a key or a passphrase that you enter. All clients that wants access and have their MAC address in the access list will have to enter the passphrase/key on the first connect.

This means that you control the MAC address list - all new wifi devices that wants to connect to your wifi LAN needs to get added to the MAC access list - manually by you. You also control the encryption passphrase - all wifi clients that wants to connect to your wifi LAN need to know the encryption passphrase. If you use WPA for encryption you will have a higher degree of security than using the old and hackable WEP.

Of course both the MAC list and the encryption key/passphrase are stored in the wifi router - so if you don't set a proper password for admin access to this one - all is lost. You should disable wireless access for admin (remote management) to it - only allow cabled access and use a good strong password.

Buzzwords? I dunno - I hope people on the mailing list help me out here... Is there a better/simpler way of doing this?



For a good laugh ... Enjoy Jason Dixons presentations from the BSDcon on or

_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Reply via email to