| View previous topic :: View next topic |
| Author |
Message |
Theophile
Apprentice
Joined: 31 Mar 2004
Posts: 285
|
 Posted: Wed Nov 02, 2005 5:41 am Post subject: To what extent should wireless be used? |
 |
|
I'm moving this weekend and will now have 2 floors (yay)! But we're still renting and can;t run ethernet cables "properly." I have a wirelss router for my laptop and I'm considering getting a wireless bridge and a hub to use for the upstars computers. Is there anyting wrong with this idea? Assuming the bridge has a constant, strong signal, will the data transfer rate be comparable to pure wired network? These are all wireless-G, by the way. Does networking this way ever cause packet loss or connection droputs? Would it be a bad idea to run a web/mail server on a wireless-bridged connection?
Thanks for your input! |
|
| Back to top |
|
 |
Lotu
Tux's lil' helper
Joined: 12 Sep 2004
Posts: 106
Location: Finland
|
| Posted: Wed Nov 02, 2005 9:25 am Post subject: |
|
|
Assuming you encrypt the traffic properly and use a whitelist for the mac addresses, you should be fine. The 54Mbit wireless connection will of course be slower than a traditional 100Mbit wire connection, but you probably won't notice the difference.
I haven't had any problems with lost packets at my university or when I had a wireless internet connection at home.
_________________
In a world without walls and fences, who needs Windows and Gates?
I'm an evil homosexual communist. |
|
| Back to top |
|
|
MrUlterior
Guru
Joined: 22 Mar 2005
Posts: 511
Location: Switzerland
|
| Posted: Wed Nov 02, 2005 2:22 pm Post subject: |
|
|
A bit of a rant ...
I used to have a wireless network based on an open WLAN with OpenVPN running over it linking my "front room" (media PC, inet firewall, switch to jack laptop in when surfing in the lounge etc) and my back room (wlan firewall, workstations, servers, etc) LAN's.
The operative term here is USED to have, I junked it for many reasons:
1. Performance on 54mbps & 108mbps gear is NO WHERE NEAR the manufacturers claims. I tried Prism, Ralink and Broadcom based cards with a multitude of hubs, even with signal strength at 80% + (thanks to a directional antenna) neither iperf nor netperf reported speeds better than 50% of the claimed performance. This might sound fine, but if you regularly copy large ammounts of data (I average several gig a day), this is REALLY REALLY painful. I tried all chanels. Also don't forget that the advertised speed of your hub is its total throughput, eg if you have ten devices sharing the WLAN via a 54mbps hub assuming equal QoS thats (54/10)mb per device; in reality tho the closest device can hog most of it which can be almost a DoS depending on the intentions of the person.
2. Certain equipment had varying levels of interference with signal strength that led to drop outs. Eg. my cheapo microwave made the connection's latency jump through the roof and sometimes bring it down completely. It didn't just stop there, it did the same for my neighbours microwave (it's an appartment building ... ) and several other intermittently used devices I never managed to pin point. At some stage I thought perhaps it was something about the building, but I took the two computers and the hub along to a friends house & experienced the same.
3. Break in attempts. You will not believe how many people war drive these days; at first glance my WLAN appeared to be open till you discover there's no route out of it without a VPN client & certificate & no unprotected devices on it -- but I used to average three to four attempts a week ranging from simple to quite devious. With the growing ammount of WLAN enabled smartfones, this will only increase -- I know I regularly check out people's WLANs on mine 
4. Channel interference. If there're many WLANs & all non-adjacent channels are used, good luck getting a strong signal!
Moral of the story? If you expect performance from your WLAN and want to use it for anything beyond casual use, forget it. Don't waste your money; I got rid of all my WLAN gear & investigated 400mbit firewire as the backbone before finally settling for gigabit ethernet -- I've never looked back. I drilled no holes either, double sided tape works beatifully and I raised all cables to the ceiling to make use of the gap above doors as a means of getting cables from room to room. If your doors arent like this you can even drill a canal for cables in the top surface of the door, no one ever looks there 
As I stated these are my opinions/experiences, your mileage will obviously vary.
_________________
Misanthropy 2.0 - enough hate to go around
|
|
| Back to top |
|
|
MrUlterior
Guru
Joined: 22 Mar 2005
Posts: 511
Location: Switzerland
|
| Posted: Wed Nov 02, 2005 2:24 pm Post subject: |
|
|
| Lotu wrote: | Assuming you encrypt the traffic properly and use a whitelist for the mac addresses, you should be fine. The 54Mbit wireless connection will of course be slower than a traditional 100Mbit wire connection, but you probably won't notice the difference.
I haven't had any problems with lost packets at my university or when I had a wireless internet connection at home. |
MAC whitelisting is futile at best, I've got my laptop setting random MAC's on boot for wlan0. With a sniffer I can easily find a MAC address on your WLAN, adopt it and begin my MtM attack. I certainly don't need to go into the security of the various WLAN encryption schemes, most are laughable
_________________
Misanthropy 2.0 - enough hate to go around
|
|
| Back to top |
|
|
tSp
Apprentice
Joined: 19 Jan 2004
Posts: 214
Location: Maysville, KY
|
|
| Back to top |
|
|
Lotu
Tux's lil' helper
Joined: 12 Sep 2004
Posts: 106
Location: Finland
|
| Posted: Wed Nov 02, 2005 8:09 pm Post subject: |
|
|
| MrUlterior wrote: | | MAC whitelisting is futile at best, I've got my laptop setting random MAC's on boot for wlan0. With a sniffer I can easily find a MAC address on your WLAN, adopt it and begin my MtM attack. |
This is very true. However, I'm under the assumtion that wpa/wpa2 are actually quite safe. Is this not the case?
_________________
In a world without walls and fences, who needs Windows and Gates?
I'm an evil homosexual communist. |
|
| Back to top |
|
|
tSp
Apprentice
Joined: 19 Jan 2004
Posts: 214
Location: Maysville, KY
|
| Posted: Wed Nov 02, 2005 9:31 pm Post subject: |
|
|
| Lotu wrote: | | MrUlterior wrote: | | MAC whitelisting is futile at best, I've got my laptop setting random MAC's on boot for wlan0. With a sniffer I can easily find a MAC address on your WLAN, adopt it and begin my MtM attack. |
This is very true. However, I'm under the assumtion that wpa/wpa2 are actually quite safe. Is this not the case? |
there was a recent article in Linux Journal about wpa......cant remember the details off the top of my head, but might want to check it out
_________________
tSp
http://www.rhpstudios.com
http://www.xtremewebhosts.com
http://www.maysville-linux-users-group.org
http://www.edwiget.name
Registered Linux User #162711 |
|
| Back to top |
|
|
MrUlterior
Guru
Joined: 22 Mar 2005
Posts: 511
Location: Switzerland
|
| Posted: Thu Nov 03, 2005 12:24 am Post subject: |
|
|
| Lotu wrote: | | MrUlterior wrote: | | MAC whitelisting is futile at best, I've got my laptop setting random MAC's on boot for wlan0. With a sniffer I can easily find a MAC address on your WLAN, adopt it and begin my MtM attack. |
This is very true. However, I'm under the assumtion that wpa/wpa2 are actually quite safe. Is this not the case? |
I won't speak about wpa2 as I've never had a sufficient collection of compatible gear to put it to the test (which is a problem in linux); in theory at least it sounds good. However wpa is about as useful as wep, eg. keeps honest people honest -- anyone dedicated/dishonest enough can break though given time and perseverance.
_________________
Misanthropy 2.0 - enough hate to go around
|
|
| Back to top |
|
|
|
Networking & Security
