[OLSR-users] Securing the OLSR interface

Henning Wangerin (spam-protected)
Sat May 20 00:50:15 CEST 2006

On Fri, 2006-05-19 at 16:08 -0500, John Gorkos wrote:
> Consider using MAC filters in your IP tables of the routers.

That has nearly no effect, if somwone wannts to get into the network.

> If someone out there is clever enough to change the mac address of their card, 

Took about 15 seconds to change my mac-adresse, so all you need is
listening n the wlan for communication, so you can get some ip's

> and spoof your network, they're clever enough to overcome just about anything 
> else you try to foil them.

In my project I'm in phase 1, where no security is setup. 

In phase 2 we will implement wpa-psk, but would like to differentiate,
so olsr-nodes is identified via wpa, but mobile users can get in

My idea is to get a distributed radius-setup where every node is a slave
of the others, and users can be added at any node and be able to login
at any node that has been updated.

I'd like a distributed solution so that if the net breaks up, each part
will still be able to work, but as separate networks until the link(s)
is fixed.

Anybody know of a radius setup that can do this?
Or somethinf else that can manage the user-database of wpa?

Henning Wangerin <(spam-protected)>

More information about the Olsr-users mailing list