From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LSdfw-0005au-I9 for garchives@archives.gentoo.org; Thu, 29 Jan 2009 20:39:48 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 75015E0306; Thu, 29 Jan 2009 20:39:47 +0000 (UTC) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.156]) by pigeon.gentoo.org (Postfix) with ESMTP id 3479DE0306 for ; Thu, 29 Jan 2009 20:39:47 +0000 (UTC) Received: by fg-out-1718.google.com with SMTP id d23so83292fga.14 for ; Thu, 29 Jan 2009 12:39:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=i23MKv66V7LK++5+nMaztC0RxNVA61m7nCoWtbdy35w=; b=bpme0mCZ6dHhpno+UOJgtEUliwpXBoStnbrtH2f+ykAjfC7Sjz6KTGNtCYnzMnzg7d JHXmENOMgtg+numXA+4LiUusn1wxLDiBdUk5Ya6DGlkpl97D6baTxCV0JIW/GfdYRn2m 8Q2d8HvVyOlVs9bTYw5vjzXJNMWX7GSYT/New= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=PGIc319U18WHx3cSj0ITrF9Ri4+/CpWMhI/cnKLKLS1hqKD9R+2dfwEHwRT5cwR9N8 6RIy7vndWzegrzMDm2LELx+gVX+1Azy21mYYPtZzGH24yYrFsZ+36CtRrs9Fd9bnapO3 VCZlafIfeYj1gHEsZ0f3/VnrXiQ7XVhi1MykE= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.181.134.12 with SMTP id l12mr148125bkn.80.1233261586492; Thu, 29 Jan 2009 12:39:46 -0800 (PST) In-Reply-To: <58965d8a0901290950v3183b14bra1ca458c3ee255d9@mail.gmail.com> References: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> <58965d8a0901290950v3183b14bra1ca458c3ee255d9@mail.gmail.com> Date: Thu, 29 Jan 2009 12:39:46 -0800 Message-ID: <49bf44f10901291239r569fd20eo758f40533b80ecdd@mail.gmail.com> Subject: Re: [gentoo-user] Locking down a wireless network From: Grant To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 40213026-cc80-483b-b9d4-433cdf82ded7 X-Archives-Hash: fc284d18fccf3cfb420e5794afec4493 >> My Gentoo router's wireless network is encrypted via WPA and doesn't >> DHCP. I'd like to take this a step further in case my WPA key gets >> hacked. Can I issue only certain IPs to certain MAC addresses? >> >> Does WPA2 require hardware support? > > I don't think so. It should just be a driver/firmware update if you've > got some device that supports WPA and not WPA2. The AES encryption of > WPA2 requires a little more hardware power than WEP or WPA normally > uses, but I don't think it needs any special chip or anything like > that. > > You can also do VPN over your wifi connection, and require it for > access to the rest of your network or the internet. At least then if > someone hacks your wireless key, they still can't do anything without > having your VPN certificate. Actually, VPN would rule out my wifi cell phone I bet. - Grant