Re: https & ssh the only wifi security necessary?

Tue, 05 Jul 2005 12:17:03 -0700 

Does everyone do the wifi security thing or just rely on
ssh and https to carry the day?


In this context, you mean just to keep your data away from prying eyes.

But what about keeping ppl out of your WAP so they don't have access to 
your network, or use your network to get access to the Internet itself 
and use your bandwidth.


I thought that's what the ssh bit did.


Only if you either
a) tunnel specific ports, which is tedious to cover "all your bases"
b) ppp-over-ssh (which is a poor mans IPSec of some sorts if you want)


If these things concern you, you should use IPSec to only route WAP 
traffic if it passes through the IPSec layer, otherwise, drop it dead.


If you're going for that restrictive, why not just wire your house with
CAT5 and dispense with wireless entirely?



So that I don't have to run CAT5 across the living room floor while I 
sit in front of the TV



It's tempting to go the other way -- set up a public wireless access
point (but secure all personal data via ssh/https/ipsec) with some sort
of bandwidth-throttling or priority mechanism that allocates bandwidth
that I am not currently using to the public service.

We have warring interests -- the gift-culture nature, and the security
sensibilities, and the desire for our gift-giving to not affect us in
any way...


I actually leave mine wide open, and have done for years.

Since I don't pay $/MB, and Cox gives me about 4Mbps (now, 2.5Mbps 
previously), I don't worry too much about b/w usage.



But when I setup my brothers in Australia over Xmas, I went the whole 
hog, becoz it was for his film company, and


a) they pay $/MB
b) they don't want anyone stealing their productions off their computers


--
Michael O'Keefe                      |          [EMAIL PROTECTED]
Live on and Ride a 03 BMW F650GSDakar|          [EMAIL PROTECTED]      / |
I like less more or less less than   |Work:+1 858 845 3514        /  |
more. UNIX-live it,love it,fork() it |Fax :+1 858 845 2652       /_p_|
My views are MINE ALONE, blah, blah, |Home:+1 760 788 1296       \`O'|
blah, yackety yack - don't come back |Fax :+1 858                _/_\|_,


--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list






















					Reply via email to