From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LSe1i-0000Ru-Si for garchives@archives.gentoo.org; Thu, 29 Jan 2009 21:02:19 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DBAD3E0484; Thu, 29 Jan 2009 21:02:17 +0000 (UTC) Received: from mail-qy0-f20.google.com (mail-qy0-f20.google.com [209.85.221.20]) by pigeon.gentoo.org (Postfix) with ESMTP id B17C3E0484 for ; Thu, 29 Jan 2009 21:02:17 +0000 (UTC) Received: by qyk13 with SMTP id 13so245240qyk.10 for ; Thu, 29 Jan 2009 13:02:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=TGWu+kBjqjn5zW3Cp7hhUVyMs1ZTODhRc3tN71nCB9Y=; b=YYI33xbkKE028cGU7KH3ntCUSgx1npq/RMbdt6PdT6EtHYCfXKgP1Svxy0ClJ9CPQy +eJOmMqgULnJYEqsVnsE3mI30DK+IKM8/iA8pYeQCtFhFHsvXbnLWDH8Xm5ea7rHXVBz s+qtMK45gBzhCFDjEIRD9t+MBjqD0Li3eQoNk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=mHn5onNYTsna3WKLF6iJLrdyzyko90Ah4p4+9VTVnRWl7W8EUyZ0L+ywfn/3ztCh43 qL9ElkcIwUL0ruX7tRm3eZz0yZLsPaiZI6E22wBL2QaX3/S6/voMvyulocnNmq7icadX p14OLq6mgWMtGnnd6H8OFcDdo1VaYQRC037NU= Received: by 10.214.244.17 with SMTP id r17mr961385qah.165.1233262936958; Thu, 29 Jan 2009 13:02:16 -0800 (PST) Received: from gentoo-everex.local ([66.194.104.5]) by mx.google.com with ESMTPS id 9sm584496yws.54.2009.01.29.13.02.15 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 29 Jan 2009 13:02:16 -0800 (PST) Message-ID: <49821955.8030700@gmail.com> Date: Thu, 29 Jan 2009 16:02:13 -0500 From: Saphirus Sage User-Agent: Thunderbird 2.0.0.19 (X11/20081231) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Locking down a wireless network References: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> <58965d8a0901290950v3183b14bra1ca458c3ee255d9@mail.gmail.com> <49bf44f10901291239r569fd20eo758f40533b80ecdd@mail.gmail.com> <58965d8a0901291258y58e8f8acw31eda17049a66155@mail.gmail.com> In-Reply-To: <58965d8a0901291258y58e8f8acw31eda17049a66155@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 8e041354-e1d6-4a7b-aac1-cb4d8c830113 X-Archives-Hash: 154eddb069cc832331b703a2accc558c Paul Hartman wrote: > On Thu, Jan 29, 2009 at 2:39 PM, Grant wrote: > >>>> My Gentoo router's wireless network is encrypted via WPA and doesn't >>>> DHCP. I'd like to take this a step further in case my WPA key gets >>>> hacked. Can I issue only certain IPs to certain MAC addresses? >>>> >>>> Does WPA2 require hardware support? >>>> >>> I don't think so. It should just be a driver/firmware update if you've >>> got some device that supports WPA and not WPA2. The AES encryption of >>> WPA2 requires a little more hardware power than WEP or WPA normally >>> uses, but I don't think it needs any special chip or anything like >>> that. >>> >>> You can also do VPN over your wifi connection, and require it for >>> access to the rest of your network or the internet. At least then if >>> someone hacks your wireless key, they still can't do anything without >>> having your VPN certificate. >>> >> Actually, VPN would rule out my wifi cell phone I bet. >> > > Maybe not -- I don't know what kind of phone you've got. I have a > Nokia N95 which runs Symbian OS 9 and there are 3 VPN clients that I > know of (and the first one is free): > > http://www.businesssoftware.nokia.com/mobile_vpn_downloads.php > http://www.ncp-e.com/en/vpn-szenarien-produkte/vpn-produkte/secure-entry-client.html > http://www.symvpn.com/Products/ProductInfo.aspx?ProductId=17 > > I believe Windows Mobile devices have VPN support built in, but I've > never tried it. For iPhone or other phone OS i have no idea as I've > never actually used them. > > Paul > > The iPhone has support for L2TP, PPTP and minor support for IPSec (if ti's through cisco), all standard in the firmware releases.