From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LSfAi-00021k-Nz for garchives@archives.gentoo.org; Thu, 29 Jan 2009 22:15:40 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 1F2C8E053B; Thu, 29 Jan 2009 22:15:39 +0000 (UTC) Received: from mail-fx0-f20.google.com (mail-fx0-f20.google.com [209.85.220.20]) by pigeon.gentoo.org (Postfix) with ESMTP id B40A9E053B for ; Thu, 29 Jan 2009 22:15:38 +0000 (UTC) Received: by fxm13 with SMTP id 13so44809fxm.10 for ; Thu, 29 Jan 2009 14:15:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=E5BV/3fT1iIRbOxrDhGHajtYwreD0NnEIHgv2HT8KJo=; b=DIyrhDwQ/Zh9q73j3a7+ipIY7brTPS/OZxEJd/eJpmihgQEJ3ktenxWTiTROoG6Uja yrVAzS/tqj8sTrWlwpOLuTYreevnPhDOJrnfdO1+dRKXZmGq+QbrB+waPKBIBaecNA/N h3OuaOiuPw+0hXq0X5FrNBmgJ6RyuPno07Kkk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=cDcjfyBusy3V8PJsmtqqQn3wf6DX9bD26mvHBsj1t1yPg9+SE9bxaTNS9CbzZP6AKn QTpn7vMrV/9vgbpxwZ6BD00joimw+bKpzklITkYC+hR5QvCUBi8GKFiYf64kqG9kXwj8 omckdKDqBxKFKCccwVVkkxJZWIxHy1cdvpo+o= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.181.206.7 with SMTP id i7mr112687bkq.57.1233267336396; Thu, 29 Jan 2009 14:15:36 -0800 (PST) In-Reply-To: <58965d8a0901291258y58e8f8acw31eda17049a66155@mail.gmail.com> References: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> <58965d8a0901290950v3183b14bra1ca458c3ee255d9@mail.gmail.com> <49bf44f10901291239r569fd20eo758f40533b80ecdd@mail.gmail.com> <58965d8a0901291258y58e8f8acw31eda17049a66155@mail.gmail.com> Date: Thu, 29 Jan 2009 14:15:36 -0800 Message-ID: <49bf44f10901291415g108fb9a2k69caab7fb240b53c@mail.gmail.com> Subject: Re: [gentoo-user] Locking down a wireless network From: Grant To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: b9a8c76d-1f2d-42b4-aea7-bd7535a24400 X-Archives-Hash: bd2c82754f89ce3e425b244461bb7d71 >>>> My Gentoo router's wireless network is encrypted via WPA and doesn't >>>> DHCP. I'd like to take this a step further in case my WPA key gets >>>> hacked. Can I issue only certain IPs to certain MAC addresses? >>>> >>>> Does WPA2 require hardware support? >>> >>> I don't think so. It should just be a driver/firmware update if you've >>> got some device that supports WPA and not WPA2. The AES encryption of >>> WPA2 requires a little more hardware power than WEP or WPA normally >>> uses, but I don't think it needs any special chip or anything like >>> that. >>> >>> You can also do VPN over your wifi connection, and require it for >>> access to the rest of your network or the internet. At least then if >>> someone hacks your wireless key, they still can't do anything without >>> having your VPN certificate. >> >> Actually, VPN would rule out my wifi cell phone I bet. > > Maybe not -- I don't know what kind of phone you've got. I have a > Nokia N95 which runs Symbian OS 9 and there are 3 VPN clients that I > know of (and the first one is free): > > http://www.businesssoftware.nokia.com/mobile_vpn_downloads.php > http://www.ncp-e.com/en/vpn-szenarien-produkte/vpn-produkte/secure-entry-client.html > http://www.symvpn.com/Products/ProductInfo.aspx?ProductId=17 > > I believe Windows Mobile devices have VPN support built in, but I've > never tried it. For iPhone or other phone OS i have no idea as I've > never actually used them. > > Paul Thanks Paul, mine is a Nokia N82 and I'm checking into that now. - Grant