[sclug] Home wireless lan

Tim Sutton suttont at onetel.net.uk
Sat Oct 25 09:05:48 UTC 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Bob

Thanks for the (very detailed!) reply. All the PCs on the network will be running 
Linux except for our friend who is coming to stay who has XP. So for Linux I 
can just define a static IP address for each NIC and set them up manually on 
each PC?

Can one specify MAC address restrictions in ad-hoc mode, or will I need to set 
up iptables rules to limit who can jump onto my cable connection?

Many thanks

Tim

On Tuesday 15 July 2003 1:06 am, Bob Franklin wrote:
> On Mon, 14 Jul 2003, Tim Sutton wrote:
> > Can this be done without a base station thingy?
>
> The whole point of the 'ad hoc' mode is that you don't need a base
> station; you can just put two (or more) devices in range and they will see
> each other and chat.  So: 'yes'.
>
> Obviously, that just sorts out the layer 2 side of things - so generally
> you'll need to give them compatible IP addresses.  Windows 98+ and MacOS
> (9+? definitely OS X) will use that 'autoconfiguration IP' range which
> invents addresses beginning '169.254' and should just work, in the absence
> of a DHCP server.  I don't know what the various DHCP clients for Linux
> are doing, these days.
>
> Obviously, this does mean you'll have no DNS and dynamic IPs, so probably
> the only way for two machines to usefully find each other is the dreaded
> Windows 'Network Neighborhood' (or 'Computers Near Me' as it seems to be
> called these days).  Mac OS X machines have 'Rendezvous' which does some
> clever discovery and service location stuff.
>
> Under [say] Linux, you'll have to somehow find the IP of each device to be
> able to ssh (you won't be using telnet or FTP over wireless, will you?
> ;-).
>
> > Can anyone tell me whether I can expect my 4 pc network to work ok
> > without a base station?
>
> It will, *if* you set all the devices to 'ad hoc' mode.  If you set them
> to 'infrastructure' mode (or whatever the exact term is, used on your
> device), they will search for a special 'access point' (=> base station)
> wireless device, which will offer the gateway out of the wireless network
> and onto the backend wired network.
>
> > Can anyone recommend the cheapest most plug 'n play pcmcia & usb devices
> > to purchase?
>
> Nope.  The stuff I like the best is the various rebranded Lucent cards: I
> have an Apple AirPort card in my Mac, an AirPort (802.11b - 11Mbps) base
> station and a Toshiba laptop with Toshiba mini-PCI wireless card which
> worked under Linux fine.  All these are Lucent devices underneath.
>
> The Lucent stuff isn't particularly cheap, but I've yet to have a problem
> with it (c.f. some other makes).
>
> A D-Link card I bought for someone worked fine but needed a lot of messing
> around with drivers first.
>
> All that said, I've seen stuff from various manufacturers all just working
> OK and people using them who are not highly computer-literate (including
> these autoconfiguring NATing wireless gateways for home).  People I know
> are just using those without trouble - no messing around with iptables,
> like wot I do [I wonder why I bother!]
>
> > Any other gotchas I should look out for?
>
> Probably not, but just consider whether you should be going for 802.11g
> (54Mbps) rather than plain 'b'.  I'm quite happy with 'b' and the extra
> speed wouldn't really be worth it for me - the convenience of wireless is
> enough and, if I need the bandwidth, I prefer the 'genuine' ~100Mbps of
> wired to the 'if you're lucky' 11Mbps (typically around 5/6Mbps) on
> wireless and there are a lot fewer questions with 'b', although 'g' is
> supposedly all backwards compatible.
>
> One thing to bear in mind is how insecure wireless is.  WEP isn't worth
> much (it also slows down your connection to about 75% of without it, in my
> tests) so expect to need to use SSH and SFTP (or something else encrypted)
> if you're going to be logging in over it.  If you need to read email with
> POP/IMAP [for example] and can't use SSL on the actual connection, use
> SSH to tunnel a port-forwarded connection (or VPN or somesuch).
>
> If you end up with a base station, I would recommend (to stop authorised
> people connecting):
>
>   - disabling SSID advertisement (make it a 'closed' network)
>   - using WEP (128-bit), although its use is debatably pointless
>   - limiting the MAC addresses which can connect
>
> These are all easily circumventable security layers, but it does stop
> people accidentally joining your network (especially the first one, if
> nothing else).
>
> Aside from all that, wireless is great.  Once you've had it, you won't
> want to lose it.
>
>   - Bob

- -- 
Get my public keys from:

http://tim.suttonfamily.co.uk/modules.php?name=Content&pa=showpage&pid=2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/E6sjWvXTJUo0BDoRApQAAJ9fjaSup18vT2QFFXAfU17Uohs4ogCginmr
7sO3seH/g5U6wCxRgCllLWA=
=to4x
-----END PGP SIGNATURE-----
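
One way to do the iptables side of the question above, as an added example that is not part of the original thread: a script that prints an iptables-restore ruleset for the Linux box sharing the cable connection, forwarding only traffic from known static IP and MAC pairs. The interface names, the 192.168.10.0/24 addressing and the MAC addresses are assumptions made up for the example, and as the quoted reply says, MAC checks are easily circumvented and only keep out accidental joiners.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the gateway PC.
# Assumptions (not from the thread): wlan0 is the ad-hoc wireless side,
# eth0 is the cable side, and every address below is constructed.
WLAN_IF=wlan0
WAN_IF=eth0

# One "ip mac" pair per line, matching the static address set on each PC.
ALLOWED_HOSTS='192.168.10.2 02:00:00:00:00:01
192.168.10.3 02:00:00:00:00:02
192.168.10.4 02:00:00:00:00:03'

# Succeeds only for six colon-separated hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eqi '^([0-9a-f]{2}:){5}[0-9a-f]{2}$'
}

# Print the ruleset for the host list in $1. A malformed entry aborts
# generation instead of producing a rule that matches the wrong thing.
gen_rules() {
    rules=$(printf '%s\n' "$1" | while read -r ip mac; do
        [ -n "$ip" ] || continue
        valid_mac "$mac" || { echo "bad MAC for $ip: $mac" >&2; exit 1; }
        echo "-A FORWARD -i $WLAN_IF -o $WAN_IF -s $ip -m mac --mac-source $mac -j ACCEPT"
    done) || return 1
    # FORWARD defaults to DROP: anything not listed never reaches eth0.
    # INPUT is left open here; tighten it separately for the gateway itself.
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$rules
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
EOF
}

gen_rules "$ALLOWED_HOSTS"
```

Review the printed rules, then load them as root by piping the output into `iptables-restore`.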
