Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)
On Thu, 8 Dec 2005, Marlon K. Schafer (509) 982-2181 wrote: Or use bridged radios and anyone's dsl/cable router. Linksys, Belkin, Netgear, they all do pppoe. But then you are back to the possibility of someone hooking up the dsl router backwards. With the radio I mentioned, this is not possible, since they are all one device. -- Butch Evans BPS Networks http://www.bpsnetworks.com/ Bernie, MO Mikrotik Certified Consultant (http://www.mikrotik.com/consultants.html) -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)
Or use bridged radios and anyone's dsl/cable router. Linksys, Belkin, Netgear, they all do pppoe. Marlon (509) 982-2181 Equipment sales (408) 907-6910 (Vonage)Consulting services 42846865 (icq)And I run my own wisp! 64.146.146.12 (net meeting) www.odessaoffice.com/wireless www.odessaoffice.com/marlon/cam - Original Message - From: "Butch Evans" <[EMAIL PROTECTED]> To: "WISPA General List" Sent: Friday, December 02, 2005 6:58 PM Subject: Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication) On Fri, 2 Dec 2005, Jason wrote: How do you other (small) WISPs do this? You can use something like this: http://tinyurl.com/duy7z This radio supports PPPoE. This would allow you to set your client's computer up for DHCP, and you still have PPPoE authentication to the network. There are other manufacturers who make a similar radio, though I don't know for sure who to send you to. I have had NO issues with this radio. -- Butch Evans BPS Networks http://www.bpsnetworks.com/ Bernie, MO Mikrotik Certified Consultant (http://www.mikrotik.com/consultants.html) -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)
Marlon, I appreciate the advice. Mostly I am interested in bullet proof authentication of my clients. Any suggestions? Jason Marlon K. Schafer (509) 982-2181 wrote: Hiya Jason, You are mixing your networks You won't normally run a homebrew product to provide a top notch service. If security is of THAT great an importance to you, you should NOT run wifi anything. Put in something much more off the wall. It's a lot harder to snoop if you don't use one of the world's most common protocols. For these business guys I'd run Trango or something like that. Good stuff but not nearly as much of it in use and no free tools on the internet for intercepting and cracking the data stream. What we do is remind our customers that this is the internet. They are hanging out there for thousands upon thousands of people who's only purpose in life is breaking into their machines and seeing what they can learn. If they have data that's that sensitive then they need a high end internal firewall and they need to VPN all internet traffic. That help? Marlon (509) 982-2181 Equipment sales (408) 907-6910 (Vonage)Consulting services 42846865 (icq)And I run my own wisp! 64.146.146.12 (net meeting) www.odessaoffice.com/wireless www.odessaoffice.com/marlon/cam - Original Message - From: "Jason" <[EMAIL PROTECTED]> To: "WISPA General List" Sent: Friday, December 02, 2005 3:20 PM Subject: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication) List, I am on the precipice, ready to take the plunge and become a WISP (After 1 year of zoning, permits, 16 hr days, etc), but one thing still bothers me. I haven't decided how to authenticate clients to my network and REALLY protect their data. The CPE's I will use, rootenna/Senao2611 combos, do only WEP, which only obfuscates data nowadays. MAC addresses can be cloned. Proxy login via a browser is obnoxious for the end user. Ditto PPPoE & VPN logins. There is just no elegant, KISS solution. I was looking at PPPoE or PPTP (poptop/linux) with Radius as my system, since this would accomplish it, but seems like so much trouble and overhead. PPTP is not Mac friendly, PPPoE requires clients (gasp) or a router (gack!) and the PPPoE server shipping with Linux is meant "for testing purposes only - man". I want an Always On (apparently) system for my clients that just works. How do you other (small) WISPs do this? Tangent: How do you Senao 2611 users keep Netbios & windows network neighborhood data off the wireless network. I was told to add a SOHO router to the mix, but don't want to invest in more equipment to maintain. Jason Wallace -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)
Hiya Jason, You are mixing your networks You won't normally run a homebrew product to provide a top notch service. If security is of THAT great an importance to you, you should NOT run wifi anything. Put in something much more off the wall. It's a lot harder to snoop if you don't use one of the world's most common protocols. For these business guys I'd run Trango or something like that. Good stuff but not nearly as much of it in use and no free tools on the internet for intercepting and cracking the data stream. What we do is remind our customers that this is the internet. They are hanging out there for thousands upon thousands of people who's only purpose in life is breaking into their machines and seeing what they can learn. If they have data that's that sensitive then they need a high end internal firewall and they need to VPN all internet traffic. That help? Marlon (509) 982-2181 Equipment sales (408) 907-6910 (Vonage)Consulting services 42846865 (icq)And I run my own wisp! 64.146.146.12 (net meeting) www.odessaoffice.com/wireless www.odessaoffice.com/marlon/cam - Original Message - From: "Jason" <[EMAIL PROTECTED]> To: "WISPA General List" Sent: Friday, December 02, 2005 3:20 PM Subject: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication) List, I am on the precipice, ready to take the plunge and become a WISP (After 1 year of zoning, permits, 16 hr days, etc), but one thing still bothers me. I haven't decided how to authenticate clients to my network and REALLY protect their data. The CPE's I will use, rootenna/Senao2611 combos, do only WEP, which only obfuscates data nowadays. MAC addresses can be cloned. Proxy login via a browser is obnoxious for the end user. Ditto PPPoE & VPN logins. There is just no elegant, KISS solution. I was looking at PPPoE or PPTP (poptop/linux) with Radius as my system, since this would accomplish it, but seems like so much trouble and overhead. PPTP is not Mac friendly, PPPoE requires clients (gasp) or a router (gack!) and the PPPoE server shipping with Linux is meant "for testing purposes only - man". I want an Always On (apparently) system for my clients that just works. How do you other (small) WISPs do this? Tangent: How do you Senao 2611 users keep Netbios & windows network neighborhood data off the wireless network. I was told to add a SOHO router to the mix, but don't want to invest in more equipment to maintain. Jason Wallace -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
