Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)

2005-12-08 Thread Marlon K. Schafer (509) 982-2181
Or use bridged radios and anyone's dsl/cable router.  Linksys, Belkin, 
Netgear, they all do pppoe.


Marlon
(509) 982-2181   Equipment sales
(408) 907-6910 (Vonage)Consulting services
42846865 (icq)And I run my own wisp!
64.146.146.12 (net meeting)
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam



- Original Message - 
From: Butch Evans [EMAIL PROTECTED]

To: WISPA General List wireless@wispa.org
Sent: Friday, December 02, 2005 6:58 PM
Subject: Re: [WISPA] How to Authenticate/Protect (Was Ethernet 
basedauthentication)




On Fri, 2 Dec 2005, Jason wrote:


How do you other (small) WISPs do this?


You can use something like this:
http://tinyurl.com/duy7z

This radio supports PPPoE.  This would allow you to set your client's 
computer up for DHCP, and you still have PPPoE authentication to the 
network.  There are other manufacturers who make a similar radio, though I 
don't know for sure who to send you to.  I have had NO issues with this 
radio.


--
Butch Evans
BPS Networks  http://www.bpsnetworks.com/
Bernie, MO
Mikrotik Certified Consultant
(http://www.mikrotik.com/consultants.html)
--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/



--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/


Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)

2005-12-08 Thread Butch Evans

On Thu, 8 Dec 2005, Marlon K. Schafer (509) 982-2181 wrote:

Or use bridged radios and anyone's dsl/cable router.  Linksys, 
Belkin, Netgear, they all do pppoe.


But then you are back to the possibility of someone hooking up the 
dsl router backwards.  With the radio I mentioned, this is not 
possible, since they are all one device.


--
Butch Evans
BPS Networks  http://www.bpsnetworks.com/
Bernie, MO
Mikrotik Certified Consultant
(http://www.mikrotik.com/consultants.html)
--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/


Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)

2005-12-05 Thread Marlon K. Schafer (509) 982-2181

Hiya Jason,

You are mixing your networks  You won't normally run a homebrew product 
to provide a top notch service.


If security is of THAT great an importance to you, you should NOT run wifi 
anything.  Put in something much more off the wall.  It's a lot harder to 
snoop if you don't use one of the world's most common protocols.


For these business guys I'd run Trango or something like that.  Good stuff 
but not nearly as much of it in use and no free tools on the internet for 
intercepting and cracking the data stream.


What we do is remind our customers that this is the internet.  They are 
hanging out there for thousands upon thousands of people who's only purpose 
in life is breaking into their machines and seeing what they can learn.  If 
they have data that's that sensitive then they need a high end internal 
firewall and they need to VPN all internet traffic.


That help?
Marlon
(509) 982-2181   Equipment sales
(408) 907-6910 (Vonage)Consulting services
42846865 (icq)And I run my own wisp!
64.146.146.12 (net meeting)
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam



- Original Message - 
From: Jason [EMAIL PROTECTED]

To: WISPA General List wireless@wispa.org
Sent: Friday, December 02, 2005 3:20 PM
Subject: [WISPA] How to Authenticate/Protect (Was Ethernet 
basedauthentication)




List,

   I am on the precipice, ready to take the plunge and become a WISP 
(After 1 year of zoning, permits, 16 hr days, etc), but one thing still 
bothers me.  I haven't decided how to authenticate clients to my network 
and REALLY protect their data.  The CPE's I will use, rootenna/Senao2611 
combos, do only WEP, which only obfuscates data nowadays. MAC addresses 
can be cloned.  Proxy login via a browser is obnoxious for the end user. 
Ditto PPPoE  VPN logins.  There is just no elegant, KISS solution.  I was 
looking at PPPoE or PPTP (poptop/linux) with Radius as my system, since 
this would accomplish it, but seems like so much trouble and overhead. 
PPTP is not Mac friendly, PPPoE requires clients (gasp) or a router 
(gack!) and the PPPoE server shipping with Linux is meant for testing 
purposes only - man.  I want an Always On (apparently) system for my 
clients that just works.


How do you other (small) WISPs do this?

   Tangent: How do you Senao 2611 users keep Netbios  windows network 
neighborhood data off the wireless network.  I was told to add a SOHO 
router to the mix, but don't want to invest in more equipment to maintain.


Jason Wallace
--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/



--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/


Re: [WISPA] How to Authenticate/Protect (Was Ethernet basedauthentication)

2005-12-05 Thread Jason

Marlon,

   I appreciate the advice.  Mostly I am interested in bullet proof 
authentication of my clients.  Any suggestions?


Jason

Marlon K. Schafer (509) 982-2181 wrote:


Hiya Jason,

You are mixing your networks  You won't normally run a homebrew 
product to provide a top notch service.


If security is of THAT great an importance to you, you should NOT run 
wifi anything.  Put in something much more off the wall.  It's a lot 
harder to snoop if you don't use one of the world's most common 
protocols.


For these business guys I'd run Trango or something like that.  Good 
stuff but not nearly as much of it in use and no free tools on the 
internet for intercepting and cracking the data stream.


What we do is remind our customers that this is the internet.  They 
are hanging out there for thousands upon thousands of people who's 
only purpose in life is breaking into their machines and seeing what 
they can learn.  If they have data that's that sensitive then they 
need a high end internal firewall and they need to VPN all internet 
traffic.


That help?
Marlon
(509) 982-2181   Equipment sales
(408) 907-6910 (Vonage)Consulting services
42846865 (icq)And I run my own wisp!
64.146.146.12 (net meeting)
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam



- Original Message - From: Jason [EMAIL PROTECTED]
To: WISPA General List wireless@wispa.org
Sent: Friday, December 02, 2005 3:20 PM
Subject: [WISPA] How to Authenticate/Protect (Was Ethernet 
basedauthentication)




List,

   I am on the precipice, ready to take the plunge and become a WISP 
(After 1 year of zoning, permits, 16 hr days, etc), but one thing 
still bothers me.  I haven't decided how to authenticate clients to 
my network and REALLY protect their data.  The CPE's I will use, 
rootenna/Senao2611 combos, do only WEP, which only obfuscates data 
nowadays. MAC addresses can be cloned.  Proxy login via a browser is 
obnoxious for the end user. Ditto PPPoE  VPN logins.  There is just 
no elegant, KISS solution.  I was looking at PPPoE or PPTP 
(poptop/linux) with Radius as my system, since this would accomplish 
it, but seems like so much trouble and overhead. PPTP is not Mac 
friendly, PPPoE requires clients (gasp) or a router (gack!) and the 
PPPoE server shipping with Linux is meant for testing purposes only 
- man.  I want an Always On (apparently) system for my clients that 
just works.


How do you other (small) WISPs do this?

   Tangent: How do you Senao 2611 users keep Netbios  windows 
network neighborhood data off the wireless network.  I was told to 
add a SOHO router to the mix, but don't want to invest in more 
equipment to maintain.


Jason Wallace
--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/




--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/