[ale] kimset

cfowler cfowler at outpostsentinel.com
Wed Feb 12 10:46:14 EST 2003


Also in this  case if you use 192.168.5.0 as your wireless network, then
allow only the machine that is running the VPN server software know of
this segment.  Plug it into a dedicated card.  Then the VPN client
on the clients of that machine then could magically get an address on
192.168.1.0 if that is your private network.





On Wed, 2003-02-12 at 10:42, cfowler wrote:
> Yep this would be good.  Because by default you would have to have an IP
> address for the VPN to get access to network resources as well as the
> internet itself.  Then the packets may be of no good.
> 
> PopTop a good solution for Winbloze and Linux clients?
> 
> 
> 
> 
> On Wed, 2003-02-12 at 10:37, James P. Kinney III wrote:
> > If a certificate based VPN is used to gain access to the network, then
> > only those who are authorized gain any access at all. The war-driver
> > will see a wireless signal and can get an IP address, but that's as far
> > as it goes. Of course, this does require a dedicated PC to serve as the
> > head end for the VPN. A spare old pentium box to allow connections from
> > 3-4 wireless connections should be no problem.
> > 
> > wireless client<-->AP<-->VPN box<-->LAN<-->Firewall/gateway<-->Internet
> > 
> > d, 2003-02-12 at 09:56, cfowler wrote:
> > > A VPN is part of an acceptable solution.  But that only protects the
> > > data in that tunnel.  the #1 problem is that 802.11b allows anyone to
> > > :"plug-in".  Its the same as me dragging a 100' piece of cat-5 from my
> > > 100mb switch to the curb at home.  Anyone can plug that in and I can not
> > > stop them.  What I have to do is secure it and make it difficult to
> > > plug-in so that someone may not be motivated enough to do it.
> > > 
> > > 
> > > On Wed, 2003-02-12 at 09:45, Geoffrey wrote:
> > > > Jonathan Rickman wrote:
> > > > 
> > > > > My personal opinion is that 802.11b can never be secured. The design is
> > > > > flawed. The newer standards will improve on this. 802.11b networks should
> > > > > be treated just like the public Internet, totally untrusted.
> > > > 
> > > > So, in your opinion, a vpn over 802.11b is an acceptable solution?
> > > > 
> > > > -- 
> > > > Until later: Geoffrey		esoteric at 3times25.net
> > > > 
> > > > The latest, most widespread virus?  Microsoft end user agreement.
> > > > Think about it...
> > > > 
> > > > _______________________________________________
> > > > Ale mailing list
> > > > Ale at ale.org
> > > > http://www.ale.org/mailman/listinfo/ale
> > > 
> > > 
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://www.ale.org/mailman/listinfo/ale
> > -- 
> > James P. Kinney III          \Changing the mobile computing world/
> > CEO & Director of Engineering \          one Linux user         /
> > Local Net Solutions,LLC        \           at a time.          /
> > 770-493-8244                    \.___________________________./
> > http://www.localnetsolutions.com
> > 
> > GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
> > Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale






More information about the Ale mailing list