[ previous ] [ next ] [ threads ]
 
 From:  "Kamil Wencel" <wencel at radion dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] FW: MAC filtering on wireless interfaces
 Date:  Mon, 8 Dec 2003 07:34:08 +0100 (CET) 
So it became quite an active thread ;) I didn´t want to play big
security guy, all I wanted to point out was the best solution in
my opinion. Security Deployment is always a balance between costs,
effort to maintain and the security level.

What was not mentioned at all :

Being paranoid about that ( and I am still far away from it )
is a matter of law. Times where the internet was a free place
where everyone could behave as pleased are gone. I just don`t wanna
be prosecuted because some nerd used my line to do his stuff.
It would all be pointed on me.

I admit it is rather unlikely but I don´t want to take a chance.

All WE want to do is have fun with m0n0 and experiment a little
to gain our knowledge. But that´s for us.

Always try to think like the dark side of the force ;)

Kamil

Referring to Fred Weston :
> Hi Mitch,
>
>   I've played with NoCat, but it requires you to set up your own
> AuthService on a separate box if you want to have tight control over
> your hotspot users.  That also means there has to be connectivity from
> the AP back to the auth box, and if that were somehow broken nobody
> could login.  My users are more or less stationary and always connected,
> so I think something like NoCat would be cumbersome to them.  It does
> offer the ease of centralized user management, but I just don't think
> it's right for me.
>
> Cheers
>
> -----Original Message-----
> From: Mitch (WebCob) [mailto:mitch at webcob dot com]
> Sent: Saturday, December 06, 2003 2:48 PM
> To: Magne Andreassen; 'John Voigt'; m0n0wall at lists dot m0n0 dot ch
> Cc: fred at daytonawan dot com
> Subject: RE: [m0n0wall] FW: MAC filtering on wireless interfaces
>
>
> Hey Magne - I agree with you in pricipal - but there are different
> realities - one like Fred seems to be talking about - WAP hotspots...
> would put an unrealistic burden on the users to connect if we expect
> them to configure IPSEC or PPTP on their windows boxes so they can surf
> in my coffee shop.
>
> Found the link I was thinking of Fred: http://nocat.net/
>
> There is always a balance of security and usability - if the "cost" of
> security sacrifices to much usability, then it's pointless - the system
> won't be used at all...
>
> my 2 pennies.
> m/
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>


RADION
Digital Research & Innovation

Kamil Wencel
Swakopmunder Str. 1
81827 München

voice 3.1kHz : + 49 89 43746158
fax-machine  : + 49 89 43746159

email        : wencel at radion dot org
browser      : www.radion.org