From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LSdyR-0008KF-9v for garchives@archives.gentoo.org; Thu, 29 Jan 2009 20:58:55 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 36955E04F1; Thu, 29 Jan 2009 20:58:54 +0000 (UTC) Received: from yx-out-1718.google.com (yx-out-1718.google.com [74.125.44.158]) by pigeon.gentoo.org (Postfix) with ESMTP id 12BC5E04F1 for ; Thu, 29 Jan 2009 20:58:54 +0000 (UTC) Received: by yx-out-1718.google.com with SMTP id 4so58247yxp.46 for ; Thu, 29 Jan 2009 12:58:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type:content-transfer-encoding; bh=H7bRqT4d0KaZR5VTCSDuaHCEe3pPCHjw/l6ikBKmhss=; b=YgSAewPi/Tt9kU6YirFRr9JuAPasipY2r0xi68yNaGlo6D2bIW2ciDI0s9H94ojhf4 ivOqbgwSXOV5qLpSqbxlVhDCovnvbt23fbow+YrWbnucxdfUNaiu/q5B8Gxwxde1Q26z R9Fe4UgIX9gpmZOjThgLyARvqgKC5fPeEXW7w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=ZLEQ0ndZixOY5x3kCJ1r0+IZDBNXF6joLIOw+Ekw8/matXbzcmUlMM+ISVxg7xvTpo dlWTFQEc85xaKsbVcPc3Sx09uj+B6Jrpd3e5D20oh9NDxVe0UJCVnRn31osNl4WtlRF2 IlGuUWHL4lPc2Ih0FNVVjrnkyIlanq9TqEgME= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Sender: paul.hartman@gmail.com Received: by 10.150.147.9 with SMTP id u9mr479070ybd.31.1233262733363; Thu, 29 Jan 2009 12:58:53 -0800 (PST) In-Reply-To: <49bf44f10901291239r569fd20eo758f40533b80ecdd@mail.gmail.com> References: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> <58965d8a0901290950v3183b14bra1ca458c3ee255d9@mail.gmail.com> <49bf44f10901291239r569fd20eo758f40533b80ecdd@mail.gmail.com> Date: Thu, 29 Jan 2009 14:58:53 -0600 X-Google-Sender-Auth: ec85381247fb76aa Message-ID: <58965d8a0901291258y58e8f8acw31eda17049a66155@mail.gmail.com> Subject: Re: [gentoo-user] Locking down a wireless network From: Paul Hartman To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 22786313-1135-4a0e-9050-cd7e7797df5e X-Archives-Hash: e7c87d0d8f6ec733792cd29e44b40456 On Thu, Jan 29, 2009 at 2:39 PM, Grant wrote: >>> My Gentoo router's wireless network is encrypted via WPA and doesn't >>> DHCP. I'd like to take this a step further in case my WPA key gets >>> hacked. Can I issue only certain IPs to certain MAC addresses? >>> >>> Does WPA2 require hardware support? >> >> I don't think so. It should just be a driver/firmware update if you've >> got some device that supports WPA and not WPA2. The AES encryption of >> WPA2 requires a little more hardware power than WEP or WPA normally >> uses, but I don't think it needs any special chip or anything like >> that. >> >> You can also do VPN over your wifi connection, and require it for >> access to the rest of your network or the internet. At least then if >> someone hacks your wireless key, they still can't do anything without >> having your VPN certificate. > > Actually, VPN would rule out my wifi cell phone I bet. Maybe not -- I don't know what kind of phone you've got. I have a Nokia N95 which runs Symbian OS 9 and there are 3 VPN clients that I know of (and the first one is free): http://www.businesssoftware.nokia.com/mobile_vpn_downloads.php http://www.ncp-e.com/en/vpn-szenarien-produkte/vpn-produkte/secure-entry-client.html http://www.symvpn.com/Products/ProductInfo.aspx?ProductId=17 I believe Windows Mobile devices have VPN support built in, but I've never tried it. For iPhone or other phone OS i have no idea as I've never actually used them. Paul