Menu
News
All News
Dungeons & Dragons
Level Up: Advanced 5th Edition
Pathfinder
Starfinder
Warhammer
2d20 System
Year Zero Engine
Industry News
Reviews
Dragon Reflections
White Dwarf Reflections
Columns
Weekly Digests
Weekly News Digest
Freebies, Sales & Bundles
RPG Print News
RPG Crowdfunding News
Game Content
ENterplanetary DimENsions
Mythological Figures
Opinion
Worlds of Design
Peregrine's Nest
RPG Evolution
Other Columns
From the Freelancing Frontline
Monster ENcyclopedia
WotC/TSR Alumni Look Back
4 Hours w/RSD (Ryan Dancey)
The Road to 3E (Jonathan Tweet)
Greenwood's Realms (Ed Greenwood)
Drawmij's TSR (Jim Ward)
Community
Forums & Topics
Forum List
Latest Posts
Forum list
*Dungeons & Dragons
Level Up: Advanced 5th Edition
D&D Older Editions, OSR, & D&D Variants
*TTRPGs General
*Pathfinder & Starfinder
EN Publishing
*Geek Talk & Media
Search forums
Chat/Discord
Resources
Wiki
Pages
Latest activity
Media
New media
New comments
Search media
Downloads
Latest reviews
Search resources
EN Publishing
Store
EN5ider
Adventures in ZEITGEIST
Awfully Cheerful Engine
What's OLD is NEW
Judge Dredd & The Worlds Of 2000AD
War of the Burning Sky
Level Up: Advanced 5E
Events & Releases
Upcoming Events
Private Events
Featured Events
Socials!
EN Publishing
Twitter
BlueSky
Facebook
Instagram
EN World
BlueSky
YouTube
Facebook
Twitter
Twitch
Podcast
Features
Top 5 RPGs Compiled Charts 2004-Present
Adventure Game Industry Market Research Summary (RPGs) V1.0
Ryan Dancey: Acquiring TSR
Q&A With Gary Gygax
D&D Rules FAQs
TSR, WotC, & Paizo: A Comparative History
D&D Pronunciation Guide
Million Dollar TTRPG Kickstarters
Tabletop RPG Podcast Hall of Fame
Eric Noah's Unofficial D&D 3rd Edition News
D&D in the Mainstream
D&D & RPG History
About Morrus
Log in
Register
What's new
Search
Search
Search titles only
By:
Forums & Topics
Forum List
Latest Posts
Forum list
*Dungeons & Dragons
Level Up: Advanced 5th Edition
D&D Older Editions, OSR, & D&D Variants
*TTRPGs General
*Pathfinder & Starfinder
EN Publishing
*Geek Talk & Media
Search forums
Chat/Discord
Menu
Log in
Register
Install the app
Install
Upgrade your account to a Community Supporter account and remove most of the site ads.
Community
General Tabletop Discussion
*Geek Talk & Media
Tell me about wireless routers
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="azhrei_fje" data-source="post: 2459242" data-attributes="member: 12966"><p>The LinkSys routers have the single advantage of being Linux-based, and hence, hackable. <img src="https://cdn.jsdelivr.net/joypixels/assets/8.0/png/unicode/64/1f642.png" class="smilie smilie--emoji" loading="lazy" width="64" height="64" alt=":)" title="Smile :)" data-smilie="1"data-shortname=":)" /> If you have a wired connection to the router, you can build new firmware for it and upload your changes to the router. This allows you to SSH directly to the router itself, which is a big win for security (see below).</p><p></p><p></p><p>I have a D-Link connected to my cable modem. On the inside are my wife's machines, the two wired links that go upstairs to the game room and the guest bedroom, and one wired link to my firewall (a computer running Linux). On the other side of the Linux box is my "corporate" network for the company I own and run. (I teach Linux and AIX system administration, networking, security, performance management, OS internals, and how to write device drivers.) My "inside" network is not accessible from outside the Linux firewall, so the wireless D-Link router is not a big security concern as far as my company data. (The Linux machine is only accessible from the outside via SSH and I have strict key checking turned on.)</p><p></p><p>In the last 2+ years, I have never had to reset the D-Link due to problems with it hanging or crashing. I *have* had to reset the cable modem at least once every 3-4 months (stupid piece of sh*t!) and I live in the lightning capital of the world: central Florida.</p><p></p><p></p><p>First, be aware that unless you *really* know what you are doing, you WILL NOT be able to secure your communications over a wireless link. First off, MAC addresses are easily spoofed (I can listen on your network and within seconds have your MAC address, which I can then program my NIC to use). Second, not broadcasting your ESSID is good, but it's only used as a "selector" so that when multiple wireless access points are available, a user can choose the one they want. Third, setting a WEP key is necessary, but within 35 minutes and a few thousand data packets, I can decrypt your WEP key and be watching your packets zip across the airwaves. Three strikes, you're out!</p><p></p><p>What this all comes down to is: DO NOT EXPECT PRIVACY on a wireless link. So don't login to your bank's web site and don't login to Yahoo! mail. Don't even visit those sites, or the cookies being stored by your browser will be sent to the web servers! And heaven forbid you are running Windows on your wireless laptop! At a minimum, put Linux, FreeBSD, OpenBSD, or something with at least A LITTLE security on it!</p><p></p><p>The correct way to go wireless is to set up a RADIUS server. If you don't want to spend money, put a small Linux box on your network and run a FreeRADIUS server. On your wireless machine, you'll run "wpa_supplicant", which is the client. It will give you a *SECURE* vpn to the FreeRADIUS server, and from there you can go out a wired link to the 'net. Another option is to use FreeS/WAN. It will allow you to securely connect to a server over the wireless link, and then the server sends the unencrypted request over the wired link to the outside world. The thing I like about FreeRADIUS is that I can quickly get my friends an "account" when they visit, so that they can surf the web using their equipment. And it's as secure for them as it is for me.</p><p></p><p>Of course, once the connection is outside your little network, you're in the big, bad world of the Internet and your packets are fair game to a lot of people...</p><p></p><p>If you bought a LinkSys router that's running Linux, you can always load new firmware on it that supports SSH. From your laptop, you connect to the router directly using SSH and use SSH to forward ports from your local machine to the router, such as port 80. Now connect to <a href="http://localhost:80/" target="_blank">http://localhost:80/</a> and you're really connecting to the router, with the advantage that all traffic is tunneled over SSH. Here's a news flash for you: not even the NSA (National Security Agency) can listen in on an SSH-encrypted channel! They can, however, decrypt your 128-bit SSL in realtime using their machine known as Echelon (it's not really a "computer" per se, because it only does one thing and isn't really programmable). Yes, I said "realtime", meaning without any delay. <img src="https://cdn.jsdelivr.net/joypixels/assets/8.0/png/unicode/64/1f631.png" class="smilie smilie--emoji" loading="lazy" width="64" height="64" alt=":eek:" title="Eek! :eek:" data-smilie="9"data-shortname=":eek:" /> </p><p></p><p>I use 802.11b because, as stated earlier, I don't need fast wireless access to the 'net (my cable modem maxes out at 650KB/s -- that's a capital "B"). And I ONLY use wireless for web surfing and only to places where I don't have to login. When I'm pushing files around my office I am strictly a wired Ethernet shop. The data stays protected behind my Linux firewall, so even my wife's laptop with a Windows virus can't get to it. (She comes into my office to do our accounting on a Linux machine which is inside the network, because I won't allow her to connect to the company network with a (possibly) virus-laden Windows box.)</p><p></p><p>I'm not going to drone on and on about wi-fi, but if you value your privacy, you'll pick up the recent 2-part series in LinuxJournal (I think it was April or May) that discusses how to install and configure a FreeRADIUS server and set one up for yourself. Anything else is running naked through the streets with a bullseye tattooed on your b*tt! <img src="https://cdn.jsdelivr.net/joypixels/assets/8.0/png/unicode/64/1f609.png" class="smilie smilie--emoji" loading="lazy" width="64" height="64" alt=";)" title="Wink ;)" data-smilie="2"data-shortname=";)" /></p></blockquote><p></p>
[QUOTE="azhrei_fje, post: 2459242, member: 12966"] The LinkSys routers have the single advantage of being Linux-based, and hence, hackable. :) If you have a wired connection to the router, you can build new firmware for it and upload your changes to the router. This allows you to SSH directly to the router itself, which is a big win for security (see below). I have a D-Link connected to my cable modem. On the inside are my wife's machines, the two wired links that go upstairs to the game room and the guest bedroom, and one wired link to my firewall (a computer running Linux). On the other side of the Linux box is my "corporate" network for the company I own and run. (I teach Linux and AIX system administration, networking, security, performance management, OS internals, and how to write device drivers.) My "inside" network is not accessible from outside the Linux firewall, so the wireless D-Link router is not a big security concern as far as my company data. (The Linux machine is only accessible from the outside via SSH and I have strict key checking turned on.) In the last 2+ years, I have never had to reset the D-Link due to problems with it hanging or crashing. I *have* had to reset the cable modem at least once every 3-4 months (stupid piece of sh*t!) and I live in the lightning capital of the world: central Florida. First, be aware that unless you *really* know what you are doing, you WILL NOT be able to secure your communications over a wireless link. First off, MAC addresses are easily spoofed (I can listen on your network and within seconds have your MAC address, which I can then program my NIC to use). Second, not broadcasting your ESSID is good, but it's only used as a "selector" so that when multiple wireless access points are available, a user can choose the one they want. Third, setting a WEP key is necessary, but within 35 minutes and a few thousand data packets, I can decrypt your WEP key and be watching your packets zip across the airwaves. Three strikes, you're out! What this all comes down to is: DO NOT EXPECT PRIVACY on a wireless link. So don't login to your bank's web site and don't login to Yahoo! mail. Don't even visit those sites, or the cookies being stored by your browser will be sent to the web servers! And heaven forbid you are running Windows on your wireless laptop! At a minimum, put Linux, FreeBSD, OpenBSD, or something with at least A LITTLE security on it! The correct way to go wireless is to set up a RADIUS server. If you don't want to spend money, put a small Linux box on your network and run a FreeRADIUS server. On your wireless machine, you'll run "wpa_supplicant", which is the client. It will give you a *SECURE* vpn to the FreeRADIUS server, and from there you can go out a wired link to the 'net. Another option is to use FreeS/WAN. It will allow you to securely connect to a server over the wireless link, and then the server sends the unencrypted request over the wired link to the outside world. The thing I like about FreeRADIUS is that I can quickly get my friends an "account" when they visit, so that they can surf the web using their equipment. And it's as secure for them as it is for me. Of course, once the connection is outside your little network, you're in the big, bad world of the Internet and your packets are fair game to a lot of people... If you bought a LinkSys router that's running Linux, you can always load new firmware on it that supports SSH. From your laptop, you connect to the router directly using SSH and use SSH to forward ports from your local machine to the router, such as port 80. Now connect to [url]http://localhost:80/[/url] and you're really connecting to the router, with the advantage that all traffic is tunneled over SSH. Here's a news flash for you: not even the NSA (National Security Agency) can listen in on an SSH-encrypted channel! They can, however, decrypt your 128-bit SSL in realtime using their machine known as Echelon (it's not really a "computer" per se, because it only does one thing and isn't really programmable). Yes, I said "realtime", meaning without any delay. :eek: I use 802.11b because, as stated earlier, I don't need fast wireless access to the 'net (my cable modem maxes out at 650KB/s -- that's a capital "B"). And I ONLY use wireless for web surfing and only to places where I don't have to login. When I'm pushing files around my office I am strictly a wired Ethernet shop. The data stays protected behind my Linux firewall, so even my wife's laptop with a Windows virus can't get to it. (She comes into my office to do our accounting on a Linux machine which is inside the network, because I won't allow her to connect to the company network with a (possibly) virus-laden Windows box.) I'm not going to drone on and on about wi-fi, but if you value your privacy, you'll pick up the recent 2-part series in LinuxJournal (I think it was April or May) that discusses how to install and configure a FreeRADIUS server and set one up for yourself. Anything else is running naked through the streets with a bullseye tattooed on your b*tt! ;) [/QUOTE]
Insert quotes…
Verification
Post reply
Community
General Tabletop Discussion
*Geek Talk & Media
Tell me about wireless routers
Top
