The security included in all Wireless LANs is cost effective, so if you want security over your Wireless LAN, you may want to check these packages.
Generic security solutions
Generic security protocols are totally independent of the underlying technology, so they will work on any kind of wired or wireless connection. Those solutions are often classical, well defined and proven.
- FreeS/WAN is the popular IPsec package for Linux. Only available with 3DES encryption.
- WaveSec is a part of the FreeS/WAN project looking at how FreeS/WAN applies to Wireless LANs. They provide tools, documentation and sample configurations.
- Cerberus, an IPsec implementation from NIST. This implementation contains many different encryption ciphers (including all the AES finalists), but is subject to US export controls.
- OpenSSH, an Open Source implementation of the SSH protocol. A favorite for Unix users.
- PoPTop, a PPTP server for Linux.
- PPTP-Linux, a PPTP client for Linux.
802.11 specific security solutions
802.11 specific solutions are more complex and depend on hardware support. They come in two parts: the first part runs between the card and the Access Point (802.1x, WPA), and the second part runs between the Access Point and an authentication server (Radius).
- Open1x xsupplicant is an Open Source implementation of the 802.1x protocol (capable of using EAP/TLS to authenticate) for Linux and BSD. Recent versions add support for the WPA and WPA2 protocols.
- Adam Sulmicki has written a FAQ on how to set up 802.1x with Radius under Linux.
- wpa_supplicant is a complete implementation of the WPA and WPA2 protocols, providing enhanced privacy and security.
- PortSlave is the default Radius server of the LRP (Linux Router Project).
- FreeRADIUS, a Radius server with LDAP and SQL support, the official descendant of Cistron RADIUS.
- IC-RADIUS, another clone of Cistron RADIUS with MySQL and CGI support.
Public wireless LAN solutions
If you are deploying public wireless LAN access, you often don't want all those complications and can use a simple captive portal.
- NoCat is a captive portal for Linux based on HTTPS authentication and firewall filtering, currently in development.
- Chillispot is a captive portal that supports a Radius authentication server. It also works with WPA instead of the HTTP authentication.