stgreek Apprentice
Joined: 18 Jan 2004 Posts: 155 Location: Guildford, UK
Posted: Fri Mar 26, 2004 7:08 pm Post subject: Home wireless network without WEP???
Hi. I am setting up my home network, consisting of two thinkpads and a desktop. As we all know, wifi and linux don't like each other and I've been having a lot of problems trying to set up my minipci cards for WEP. Now I know that a few people in my block have wifi nets (I pick up 3 apart from mine) so I wanted to ask the following question:
How secure will my home network be without WEP? My SSID has been set to not broadcast from day 1, so I want to know if there is a way for people to scan and find my network.
Thanks
_________________
The day Microsoft makes something that doesn't suck is probably the day that they start making vacuum cleaners
UberLord Retired Dev
Joined: 18 Sep 2003 Posts: 6835 Location: Blighty
echo6 Guru
Joined: 04 Jan 2003 Posts: 587
Posted: Fri Mar 26, 2004 9:29 pm Post subject:
IMHO wireless is horrendously insecure. Don't put anything on the wireless network that is sensitive. If you can enable WEP do so, frequently change the keys (a pain I know but necessary if you want some security). MAC filter wherever you can, but don't rely upon it for security. Even MACs can be spoofed! Use RARP if you can. Set up the wireless network in a "DMZ", put the access point outside of the firewall of your own LAN and appropriately manage the firewall to the internet. Be mindful of the capability of a wireless user on your WLAN, e.g. if they get access and use your WLAN for illicit purposes who gets the blame?
flybynite l33t
Joined: 06 Dec 2002 Posts: 620
Posted: Sat Mar 27, 2004 6:45 am Post subject:
Any wep can be cracked, mac filtering is easily spoofed... What I would do is use a VPN such as freeswan/openswan. You can then only allow encrypted traffic on the wireless portion of your network to enter your lan/wan. Works with windows too....
Nate Carlson has a howto, but it's not plug n play....
http://www.natecarlson.com/linux/ipsec-x509.php#wireless
ZeNTuRe n00b
Joined: 24 Jan 2004 Posts: 69
Posted: Sat Mar 27, 2004 7:16 am Post subject:
Make an IPsec tunnel and restrict MACs, so they can only sniff encrypted packets.
_________________
Did they touch God or did they touch the Sun?
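The approach flybynite and ZeNTuRe describe, letting only IPsec traffic in from the wireless side, sketched as an added example that is not part of any post in this thread. The function name, the interface name `wlan0`, IKE on UDP 500, NAT-T on UDP 4500 and the availability of the iptables `policy` match are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): print an iptables-restore ruleset for
# the machine that terminates the IPsec tunnel, so the wireless interface
# accepts only IKE, ESP and packets that arrived inside the tunnel.
# Assumptions: interface name (default wlan0), IKE on UDP 500, NAT-T on
# UDP 4500, a static address on the wireless side (DHCP is not allowed in),
# and an iptables build that includes the "policy" match.

ipsec_only_rules() {
    wifi_if="${1:-wlan0}"
    # The name is pasted into the rules, so reject anything that is not a
    # plain interface name.
    case "$wifi_if" in
        ''|*[!A-Za-z0-9._-]*)
            echo "invalid interface name: $wifi_if" >&2
            return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Key exchange and the encrypted packets themselves
-A INPUT -i ${wifi_if} -p udp --dport 500 -j ACCEPT
-A INPUT -i ${wifi_if} -p udp --dport 4500 -j ACCEPT
-A INPUT -i ${wifi_if} -p esp -j ACCEPT
# Packets that were decrypted by IPsec pass the chain a second time
-A INPUT -i ${wifi_if} -m policy --dir in --pol ipsec -j ACCEPT
# Everything else heard on the wireless side is cleartext: drop it
-A INPUT -i ${wifi_if} -j DROP
# Other interfaces: replies to connections this host opened
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Forward towards the LAN/WAN only what came through the tunnel
-A FORWARD -i ${wifi_if} -m policy --dir in --pol ipsec -j ACCEPT
-A FORWARD ! -i ${wifi_if} -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset; as root it can be checked without loading it:
#   ipsec_only_rules wlan0 | iptables-restore --test
ipsec_only_rules wlan0
```

The ruleset filters inbound traffic only; whether outbound traffic on the wireless interface is encrypted is decided by the IPsec policy itself, not by these rules.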
stgreek Apprentice
Joined: 18 Jan 2004 Posts: 155 Location: Guildford, UK
Posted: Sat Mar 27, 2004 11:20 am Post subject:
First of all, thanks for all the replies. I am a complete noob when it comes to networking, so please bear with me.
I will try mac filtering for the network, but echo6's idea looks a little difficult for me to implement. Now, I will not be using any of my computers as any kind of server, so could you please tell me how to add a few rules to iptables to make them a bit more secure from intruders? I have never used iptables, and I have all the default options checked on 2.6.3 kernel. Thanks a lot for your help.
Stavros
_________________
The day Microsoft makes something that doesn't suck is probably the day that they start making vacuum cleaners
echo6 Guru
Joined: 04 Jan 2003 Posts: 587
Posted: Sat Mar 27, 2004 12:46 pm Post subject:
stgreek wrote: "echo6's idea looks a little difficult for me to implement."
LOL.. actually IPSec and VPN is probably harder, having just taken a look at the how to etc. I would seriously consider installing Smoothwall on an old computer www.smoothwall.org then configure your network around that.
What wireless equipment have you got, what connection have you got to the internet? What do you want to access from the notebooks? Are you looking at file printer sharing or just simple access to the internet?
stgreek Apprentice
Joined: 18 Jan 2004 Posts: 155 Location: Guildford, UK
Posted: Sat Mar 27, 2004 3:07 pm Post subject:
Using a separate machine is unfortunately not possible. Also, I cannot directly connect a computer to the modem due to space, which is why I have the wi-fi setup. I am mainly interested in accessing the internet from all of them, and also being able to read/write files from the desktop harddrive from all the linux machines. Each machine has its own printer, so printing is not a concern.
My equipment:
D-Link DI-614+ wireless router (600/128 Cable line)
Shuttle SN45G SFF PC with internal crappy usb prism2.5 wi-fi card
Thinkpad T23 with D-Link 650+ (gf, running win2k, just needs internet access and no sharing)
Thinkpad X31 with internal Mini-Pci Cisco 350 (also have a spare Agere minipci, don't know if it works though)
Thinkpad X23 with PCMCIA Cisco 340
The idea is that I mainly use the desktop for things like dvd/cd/tv-ripping, graphics/animation design, bittorrent and then move the files to the laptops for post-processing/viewing.
Any help will be much appreciated
_________________
The day Microsoft makes something that doesn't suck is probably the day that they start making vacuum cleaners