Do you have a question? Post it now! No Registration Necessary. Now with pictures!
November 26, 2005, 6:43 pm
rate this thread
(Mandriva). If I setup a VPN (Virtual Private Network) between my main PC
(home) and the second PC in my home that has the wifi modem (on second
floor in my home) [without WEP or WPA encryption], couldn't the VPN
security substitute for the lack of WEP/WPA encryption? I have ssid
broadcast turned off, and MAC filtering on, that is the best I can do--
but of course that is easily hacked-- so I figure setting up a VPN tunnel
should provide a secure communication, correct?
Also, with an open wifi system, even with VPN, what is the risk of a
hacker using the open wifi to hack into my box (PC)? Is that possible or
made easier compared to a wired communication (LAN cabling), even with
firewalling and a router, etc? Any ways to minimize that?
Re: No WEP/WPA, can VPN s
Encrypted VPN can substitute for WEP/WPA/WiFi/etc., but it has to be set
Set up the wired LAN so that access from the wireless access point MUST
use the VPN to access ANYTHING. That could mean sticking a small router
with packet filtering between the WAP and the LAN. It could mean using
a dedicated interface on a Linux box (the VPN endpoint) with a crossover
cable to the WAP and with a good netfilter ruleset. Use another IF to
connect to the wired LAN. (i.e., build a firewall)
Don't forget that your wireless workstations are also open to attack, so
lock out the incoming traffic (even before the VPN is established) and
prevent leakage of outbound traffic.
You should do those things with WEP/etc., anyway, but without it now
I've seen paranoid corporations deal with the reality of highly mobile
workforces exactly this way, where handing out encryption keys to a few
hundred/thousand people every day is too big a nightmare, even though
there isn't any technical barrier to doing it.
* Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out
--- Synchronet 3.15a-Win32 NewsLink 1.92
Time Warp of the Future BBS - telnet://time.synchro.net:24
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security