Wireless router?

Roger Olofsson 240olofsson at telia.com
Tue Dec 23 13:31:54 UTC 2008

Nerius Landys skrev:
> Thank you all for your suggestions.  This will be a project for me
> over the holidays.  I decided to go the standalone wireless router
> approach.  I will need to figure out how to configure my standalone
> wireless router to "pass everything through" to the internal LAN that
> I already have.  Also I don't know too much about security, like how
> to prevent eavesdroppers from connecting to my internal network.  One
> of you mentioned access lists, and I assume that means I tell the
> wireless router which MAC addresses it accepts, and nothing else.  Is
> there any other way to provide security?  Like a password-protected
> network?  What are the buzzwords for these security schemes?  Which
> security scheme do you recommend for preventing random people within
> proximity from connecting to my internal netowrk?
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
> ------------------------------------------------------------------------
> No virus found in this incoming message.
> Checked by AVG - http://www.avg.com 
> Version: 8.0.176 / Virus Database: 270.10.0/1861 - Release Date: 2008-12-22 11:23

Hello again Nerius,

You have understood the MAC filtering correctly. You should also encrypt 
the wifi traffic by using at least WPA encryption. For most wifi routers 
this is a checkbox and a key or a passphrase that you enter. All clients 
that wants access and have their MAC address in the access list will 
have to enter the passphrase/key on the first connect.

This means that you control the MAC address list - all new wifi devices 
that wants to connect to your wifi LAN needs to get added to the MAC 
access list - manually by you. You also control the encryption 
passphrase - all wifi clients that wants to connect to your wifi LAN 
need to know the encryption passphrase. If you use WPA for encryption 
you will have a higher degree of security than using the old and 
hackable WEP.

Of course both the MAC list and the encryption key/passphrase are stored 
in the wifi router - so if you don't set a proper password for admin 
access to this one - all is lost. You should disable wireless access for 
admin (remote management) to it - only allow cabled access and use a 
good strong password.

Buzzwords? I dunno - I hope people on the mailing list help me out 
here... Is there a better/simpler way of doing this?



For a good laugh ... Enjoy Jason Dixons presentations from the BSDcon on 
http://www.youtube.com/watch?v=g7tvI6JCXD0&feature=channel_page or 

More information about the freebsd-questions mailing list