Thanks for all the replies. I ended up purchasing a D-Link unit and am very impressed with it. It appears to have a stronger wireless signal, more flexibility configuring the firewall, and faster throughput. The faster throughput may be due to the fact that I reconfigured some components. It hasn't been stressed enough yet to say for sure, but it appears that the connectivity problems have been resolved as well. The D-Link gets 2 thumbs up :) Currently I am using standard wep encryption but will look into configuring it to only allow configured mac addresses as well. Cheers, Mike
On Sat, 2003-11-29 at 22:23, Doug Chamberlin wrote:
[...] Err, why not a Linksys wireless router/firewall?
Or a Linux firewall with a basic WAP hanging off a protected interface?
Unfortunately, such a critter seems to cost nearly as much the full-blown, wireless router/firewall products, but they're still a bit less if you can find them.
I found Netgear and Buffalo units locally, for about $120, with a preference for the latter as it has MANY more configuration options for logging and security.
I use the basic 802.11 features to protect the link (WEP/WPA, MAC filtering), and count on my Linux firewall to protect me from wireless "outsiders" just as I expect it to protect me against Internet-based "outsiders". This gives me an extra layer of protection from wireless They have to get IN to the wireless network -- harder but theoretically not impossible -- and then past my firewall rules to actually DO anything, at which point hopefully snort and arpwatch have alerted me). True, a commercial product does the basics, and far more simply. But then, I wouldn't be using Linux for security if I wanted to take the easiest route.
I'm checking out the host-based AP efforts, but haven't made that jump quit yet. I do like the little commercial products, as they'll fit into tight places to allow better antenna coverage.
- Bob
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug