[MLB-WIRELESS] PPTP via 802.11
Steven Haigh
netwiz at crc.id.au
Sun Aug 15 10:49:18 EST 2004
Rowan Crowe said:
> I am looking for security solutions for my free internet project. If my
> understanding is correct, WEP only protects the network as a whole;
> there is no unique encryption or login for an individual node. If you know
> the password (as public access members would) then it's the same as
> viewing unencrypted traffic.
Correct.
> Windows 98+ seems to support PPTP (VPN) out of the box and FreeBSD has a
> suitable server available. Is anyone using PPTP? How secure is it compared
> to WEP? Are there any MTU issues due to the per-packet encapsulation?
I use PPTP (PoPToP) on my wlan at home. I deny all but DHCP and the PPtP
port (1736 iirc). You then get a 192.168.0.x address from the WLAN, and
then you login via PPtP to get world access. Certainly more secure than
WEP - and it removes the bottleneck associated with enabling WEP.
It gets a little harder if you want 128bit MPPE encryption, but you should
get it happening in an hour or two.
I haven't noticed anything unusual with packet sizes etc... YMMV.
> Using an "... over ..." solution also means that I can set things up to
> allow an unencrypted backdoor for people who stumble across the AP. For
> example, any direct IP access on port 80 brings up a web page with
> information on how to configure PPTP settings.
Yes, quite possible.
> L2TP looks like another possiblility.
the rp-pppoe package has a PPPoE server you could play with - although it
would be much harder to setup than PPtP.
> Any experiences or suggestions are appreciated...
>
> Cheers.
--
Signed,
Steven Haigh
I am root. If you see me laughing, you'd better have a backup.
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list