[TriLUG] why not IPSec for encryption for wifi
Greg Brown
gwbrown1 at gmail.com
Wed Jul 26 09:40:08 EDT 2006
Yes, but your AP doesn't have to be open (i.e. non encrypted). I had one
set up, albeit briefly, were you would be challenged for a WEP password to
join the network initially (and the password would then be stored in your
profile) but then each time you wanted to use the network you would be
challenged by the capture and release portal. This helped overcome the
weakness of WEP to keep people out but non-ssl data could still have been
decrypted I suppose. Anyway, after I moved to WPA I kind of abandoned this
approach. But it worked really well even though it was more of a test then
anything else.
The most comprehensive suite of information for capture and release on Linux
that I have seen can be found at NoCat (http://nocat.net/). Tons of useful
information there.
I set up my C-and-R system using M0n0wall firewall software (it's built
in).
It's really a nice system. In fact I have a wide open network at the outer
banks that I'm going to set up a C and R system on this fall. I average
about 100 users a day on that network so it needs a system put in place.
Badly.
On 7/26/06, Jason <jason at monsterjam.org> wrote:
>
> On Wed, Jul 26, 2006 at 08:56:11AM -0400, Greg Brown wrote:
> > Or just set up a radius capture and release portal with ssl password
> > encryption. You won't have to mess with VPN clients or VPN servers that
> > way. IPSec just seems way overkill for this. But it's a fun projec
> > nevertheless.
>
> is this were you connect to an open AP via the webpage and it asks for
> your
> username/password?? Ive always wanted to set that up but never knew what
> it was called. You have any links to how to set one up on linux?
>
> Jason
>
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>
More information about the TriLUG
mailing list