Jump to content
Linux_Inside V2

How Paranoid are you?

Recommended Posts

I have WEP enabled with a 64bit key, if anyone wants to hack into my connection so bad they can steal all the games they want. Or even put a virus on my pc. But meh, its never going to happen! WEP is where its at i rekon, or WPA what ever turns you on!

Share this post


Link to post
Share on other sites

I wouldn't be talking about filtering by MAC on the DHCP server, it'd be a firewall rule

 

Problem is that it'd only restrict comms to the server rather than the rest of the network.

 

Ahh I see. Makes a bit more sense. Thats a valid measure imo... at least while the network is flat.

Share this post


Link to post
Share on other sites

I live on a farm and my closest neighbour is about 3km's up the road. Good luck to them on trying to pick it up!

I bet the broadband is fast out in them parts too :P

 

It's not too bad actually. We're with BBNet and have wireless broadband running at 1.5 Mb/s. It's no ADSL +2 but it's not too bad. Our plan is 5GB on peak 5GB off peak. So i still get to see Uncle Torrent once in a while.

Share this post


Link to post
Share on other sites

I'm really paranoid about someone leeching my wireless.

 

I have WPA and Mac Address Filtering on my wireless network.

 

Planning on upgrading the network to N soon, so will be getting a WPA2 compliant device.

Share this post


Link to post
Share on other sites

WPA2-PSK with a suitably long key, may switch to an EAP solution at some point but WPA2 with AES provides enough security when all the neighbours have WPA at best.

 

Hand configured iptables firewall on a gnu/linux based router (Sun sparc64) with default drop rules. Require Pubkey auth on SSH with root blocked.

 

If your really paranoid put your wireless lan into a VLAN (my AP supports up to 16 SSID's that can be on seperate VLAN's) and force traffic through a firewall before it hits your internal network, or require the use of SSH tunnels/VPN to access the internal network. I wouldn't bother with Mac Address Filtering, to much maintenance for no real benefit.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×