Current state of security features

From: David (prism2_at_djl.org.uk)
Date: 2002-03-06 17:03:10 UTC


Hi all,

I'm new to this list, but have been reading the archives with interest since installing the Prism2 HostAP driver a couple of weeks ago.

The situation I have is as follows: a spare laptop running SuSE 7.3 (with 2.4.16 kernel, rebuilt to enable bridging). This has a 3Com Megahertz 10/100 card and an SMC wireless LAN card, set up to act as a wireless access point & transparent bridge onto the company network. All well & good so far - many thanks to Jouni for writing the driver.

The trouble is, at present the network is open to anyone in the office or the car park. I'm looking for a way to restrict access (I don't need military strength security, but it shouldn't be left wide open as at present) and have been looking at 3 options:

  1. WEP. I gather this isn't supported at present, although I believe someone was looking at this a few weeks ago. The last message I can see was to expect a working version "on Monday" - has this ground to a halt, or have I missed something?
  2. MAC-based access in the Prism2 driver. I've downloaded Benedikt's patch to enable this, but it looks like this only supports pcmcia-cs. Is is possible to use this patch with the pcmcia module in the 2.4 kernel?
  3. MAC restriction using iptables. I've rebuilt the kernel with the iptables patch from bridge.sourceforge.net, but although I can get iptables to log packets passing through the bridge I can't make it drop them. Does anyone know whether iptables can be made to work with bridging and the Prism2 driver?

Any reports from anyone who is successfully using any of these methods to secure their wireless LAN would be much appreciated.

Thanks,
David.

This archive was generated by hypermail 2.1.4.