[nycbug-talk] How secure: wireless + ssh?
Charles Sprickman
spork
Mon Dec 26 14:26:41 EST 2005
On Mon, 26 Dec 2005, Chris Clymer wrote:
> The original responders had the best method for securing wireless: don't.
> Secure your own transmissions over it with proven technologies like SSH and
> VPN. Put your wireless access point on a different network segment from
> everything else, treat it like a leper. Make your own decisions for how
> locked down your network needs to be, but always assume that your wireless
> access point is as untrusted as a connection could possibly be.
That seems like good advice... Once I can figure out why every OpenBSD
past 3.5 panics on boot on my firewall I'm going to redesign things at
home. I think that for a few people here the experience of setting things
up as if you're doing it for a small business would be very valuable
experience.
I wonder if anyone can comment on the overhead that running everything
through a VPN might have? Specifically when we're talking about older
hardware. I still run a G3/600 as my laptop and it seems like OS-X is dog
slow when it touches the SSL stuff (time page loads in Safari w/SSL and
w/o)... I wonder what sort of slowdown this or a slower PII-class intel
laptop would see once all traffic has to be encrypted (just to be clear,
WEP/WPA are offloaded to the card if I understand that correctly).
Thanks,
Charles
ps - It's almost 70 degrees here in Florida
More information about the talk
mailing list