WAP ... which one?

[error]

> I am looking for a Wireless Access Point for my internal network.  I am going 
> to stick with 802.11b... and of course it will be on a mixed Linux network of 
> Debian, RedHat, SuSE.  Any recc. for brands.  I was looking at the D-Link 
> DWL-900AP+


The best access point I have ever used was a linksys WAP11.
Then there was that huge security hole.

So I would say the best anwser is to get your router (it is a linux box
right?) a pci-> pcmcia card and toss in anything with a prism2 chipset.

Then you can use (http://hostap.epitest.fi/) the host ap setup to be a
real ap.

This basically means that you don't need linksys or its ilk anymore it
is pretty much the same thing.

The only exception is that you get to run ssh (or anything else) on the
gateway and you can use ssh keys and a cron job to get a new wep key
everynight automagically.

It's easier to manage and it's more secure (for something that can't
secure layer 1 that is...).

But if you choose to get a stand alone ap make sure it's in your DMZ.

And never forget that with tools like kismet (kisMAC), Airsnort,
WepCrack and Wellenreiter are just as effective at testing your wep
strength as someone elses.

Also I would reccomend that you set up at least some sort of mini vpn.

That way if someone breaks your wep key (because you don't change it
everyday or in some reasonable time frame) they then have to break your
VPN (which was done with some trickery at defcon and blackhat this year
so watch your host keys!).

Using ssh and ppd you can make a basic vpn.

Give it a shot and tell us all how it went.


-- 
error <error at sonic.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://nblug.org/pipermail/talk/attachments/20021206/165a70be/attachment.pgp