From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LSb26-00021I-RI for garchives@archives.gentoo.org; Thu, 29 Jan 2009 17:50:31 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B8664E04F8; Thu, 29 Jan 2009 17:50:29 +0000 (UTC) Received: from rn-out-0910.google.com (rn-out-0910.google.com [64.233.170.190]) by pigeon.gentoo.org (Postfix) with ESMTP id 92AF9E04F8 for ; Thu, 29 Jan 2009 17:50:29 +0000 (UTC) Received: by rn-out-0910.google.com with SMTP id k1so31886rnd.14 for ; Thu, 29 Jan 2009 09:50:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type:content-transfer-encoding; bh=+0bUvzljoN4G32Br8Pnh0Ap+5oc600qFRH1hOEiQ7Go=; b=Gznn6gy2fFt+zMPTyaypkHCq5rPeqj4sTvnsQq1nNJS0LTgi074dzpJWzRvglneRL0 AVi1cy0iLs7MAiELUNYqhBaeSvGZSkhYv8UhREspeffkTuhT4yNN76oupArrzBGyh/a5 38zxjfhfZBeMcZlzQ2KehFap/OBGE5+CfKTeY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=WPuQGolpvG77te/JL7HqnQ1FvcKo9OPrCDvkFEDrGsfzET48+ubMKp19Swr8+oK6bY NpqU8DSjw1DAPiHj38KFyYvvkhxs+Hu1QfWUeUcPX7qlF2qX4OeEOkj3Wvp6AJKa5FoQ r/77yFanpIKHNCHxSu8n411vW66h/sx4PJSMI= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Sender: paul.hartman@gmail.com Received: by 10.151.112.12 with SMTP id p12mr314822ybm.155.1233251429391; Thu, 29 Jan 2009 09:50:29 -0800 (PST) In-Reply-To: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> References: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> Date: Thu, 29 Jan 2009 11:50:29 -0600 X-Google-Sender-Auth: 9cee61a1732448ec Message-ID: <58965d8a0901290950v3183b14bra1ca458c3ee255d9@mail.gmail.com> Subject: Re: [gentoo-user] Locking down a wireless network From: Paul Hartman To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 5f6a24e7-de5b-4e63-a006-0bd9d698394e X-Archives-Hash: 80dc35edde23b1879f4e75d09f010f25 On Thu, Jan 29, 2009 at 11:40 AM, Grant wrote: > My Gentoo router's wireless network is encrypted via WPA and doesn't > DHCP. I'd like to take this a step further in case my WPA key gets > hacked. Can I issue only certain IPs to certain MAC addresses? > > Does WPA2 require hardware support? I don't think so. It should just be a driver/firmware update if you've got some device that supports WPA and not WPA2. The AES encryption of WPA2 requires a little more hardware power than WEP or WPA normally uses, but I don't think it needs any special chip or anything like that. You can also do VPN over your wifi connection, and require it for access to the rest of your network or the internet. At least then if someone hacks your wireless key, they still can't do anything without having your VPN certificate.