[MLB-WIRELESS] Wireless networking question

Jason Brice Jason.Brice at kiandra.com
Wed Mar 12 10:18:45 EST 2003


Another possibility is that you have several protocols bound to the NIC on your PC.

IP and IPX are protocols that include a logical addressing layer allowing you to send packets to specific machines (this is a good thing).
NetBIOS or NetBEUI are nasty protocols that rely on broadcasting every packet to all machines (this is generally a bad thing and could explain your AP traffic).

Earlier versions of Windows (95/98) like to bind these nasty protocols to your NIC automatically. You could be running one of these broadcast-based protocols on your network and not be aware of it.

Check your network settings and unbind these protocols if they appear there.

Of course, you may not be using Windows at all?

________________________
jason brice
senior network engineer
kiandra system solutions
level 9, 455 bourke st melbourne vic 3000
(t) +61 3 9600 1639
(f) +61 3 9600 1656



-----Original Message-----
From: Chris Samuel [mailto:chris at csamuel.org] 
Sent: Wednesday, 12 March 2003 9:32 AM
To: Joe Hovel
Cc: melbwireless at wireless.org.au
Subject: Re: [MLB-WIRELESS] Wireless networking question


On Tue, Mar 11, 2003 at 10:52:25PM +1100, Joe Hovel wrote:

> I hope someone can answer a technical query for me:
> With an access point connected to a home network switch, I find that 
> _all_ traffic for any of my PCs (even the little printserver) is 
> passed through the access point. I noticed this because the Dlink 
> configuration/monitoring software shows continuously increasing packet 
> numbers, irrespective of where traffic is intended.

Two points here - one from the security point of view and one from the general network configuration point of view:

1) security -	I would strongly suggest that you place a firewall
		between your internal network and the AP!  These do
		not have to cost much, especially if you have an old
		PC doing nothing, or can pick one up for next to nothing.
		There are a number of Linux based firewall projects that
		would suit this admirably, including IPCop (www.ipcop.org)
		which gives you a point and click web interface, but only
		uses the 2.2 kernel and ipchains, or the more up-to-date
		Bering (http://leaf.sourceforge.net/devel/jnilo) that uses
		a 2.4 kernel and the Smoothwall (http://www.smoothwall.net)
		iptables front end, but is a text-only configuration.

2) config -	it sounds like your DLink is acting as a hub rather than
		a switch - the difference being that a hub will flood a
		packet received on an interface out onto all others,
		whereas a switch learns who is on what port and then
		only transmits packets to the ports necessary. Of course
		broadcast traffic will flood out to all ports as well.
		So I would also suggest, if your budget stretches to it,
		putting all your internal systems on a switch, including
		your firewall, and plugging the AP into the red/untrusted
		side of the firewall.

Good luck!
Chris

To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
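
Added example (not part of either message): a small Python simulation of the hub-versus-switch behaviour Chris describes and the broadcast traffic Jason mentions, counting how many frames are transmitted out of the port the AP is plugged into. Port numbers, host labels and the frame list are constructed sample data.

```python
# Added illustration: hub vs. learning switch, counting frames that reach the AP port.
# Port numbers, host labels and the frame list below are constructed sample data.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port, src, dst):
        # A hub repeats every frame out of every port except the one it arrived on.
        return self.ports - {in_port}

class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # source address -> port it was last seen on

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port  # learn where the sender lives
        if dst != BROADCAST and dst in self.mac_table:
            out = self.mac_table[dst]
            return set() if out == in_port else {out}
        # Broadcasts and not-yet-learned destinations are flooded to all other ports.
        return self.ports - {in_port}

def frames_seen_on(device, frames, watch_port):
    """Count frames the device transmits out of watch_port."""
    return sum(watch_port in device.forward(p, s, d) for p, s, d in frames)

AP_PORT = 4
PORTS = [1, 2, 3, AP_PORT]
PC_A, PC_B, PRINTSRV = "pc-a", "pc-b", "printserver"  # stand-ins for MAC addresses
# (ingress port, source, destination); none of this traffic is addressed to the AP.
FRAMES = [
    (1, PC_A, BROADCAST),   # e.g. an ARP or NetBIOS name broadcast
    (2, PC_B, PC_A),        # PC_A already learned, so not flooded
    (1, PC_A, PC_B),
    (1, PC_A, PRINTSRV),    # print server not heard from yet, so flooded once
    (3, PRINTSRV, PC_A),
    (1, PC_A, PRINTSRV),    # now learned, so sent to port 3 only
    (2, PC_B, BROADCAST),
]

def compare():
    return (frames_seen_on(Hub(PORTS), FRAMES, AP_PORT),
            frames_seen_on(LearningSwitch(PORTS), FRAMES, AP_PORT))

if __name__ == "__main__":
    hub_count, switch_count = compare()
    print(f"frames reaching AP port: hub={hub_count}, switch={switch_count}")
```

Even on the switch, the frames that still reach the AP port are the broadcasts and the one unknown-destination flood, which is the traffic a firewall between the AP and the internal network would keep off the air.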

