So it became quite an active thread ;) I didn´t want to play big
security guy, all I wanted to point out was the best solution in
my opinion. Security Deployment is always a balance between costs,
effort to maintain and the security level.
What was not mentioned at all :
Being paranoid about that ( and I am still far away from it )
is a matter of law. Times where the internet was a free place
where everyone could behave as pleased are gone. I just don`t wanna
be prosecuted because some nerd used my line to do his stuff.
It would all be pointed on me.
I admit it is rather unlikely but I don´t want to take a chance.
All WE want to do is have fun with m0n0 and experiment a little
to gain our knowledge. But that´s for us.
Always try to think like the dark side of the force ;)
Referring to Fred Weston :
> Hi Mitch,
> I've played with NoCat, but it requires you to set up your own
> AuthService on a separate box if you want to have tight control over
> your hotspot users. That also means there has to be connectivity from
> the AP back to the auth box, and if that were somehow broken nobody
> could login. My users are more or less stationary and always connected,
> so I think something like NoCat would be cumbersome to them. It does
> offer the ease of centralized user management, but I just don't think
> it's right for me.
> -----Original Message-----
> From: Mitch (WebCob) [mailto:mitch at webcob dot com]
> Sent: Saturday, December 06, 2003 2:48 PM
> To: Magne Andreassen; 'John Voigt'; m0n0wall at lists dot m0n0 dot ch
> Cc: fred at daytonawan dot com
> Subject: RE: [m0n0wall] FW: MAC filtering on wireless interfaces
> Hey Magne - I agree with you in pricipal - but there are different
> realities - one like Fred seems to be talking about - WAP hotspots...
> would put an unrealistic burden on the users to connect if we expect
> them to configure IPSEC or PPTP on their windows boxes so they can surf
> in my coffee shop.
> Found the link I was thinking of Fred: http://nocat.net/
> There is always a balance of security and usability - if the "cost" of
> security sacrifices to much usability, then it's pointless - the system
> won't be used at all...
> my 2 pennies.
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
Digital Research & Innovation
Swakopmunder Str. 1
voice 3.1kHz : + 49 89 43746158
fax-machine : + 49 89 43746159
email : wencel at radion dot org
browser : www.radion.org