[OLSR-users] Securing the OLSR interface
Henning Wangerin
(spam-protected)
Sat May 20 00:50:15 CEST 2006
On Fri, 2006-05-19 at 16:08 -0500, John Gorkos wrote:
> Consider using MAC filters in your IP tables of the routers.
That has nearly no effect, if somwone wannts to get into the network.
> If someone out there is clever enough to change the mac address of their card,
Took about 15 seconds to change my mac-adresse, so all you need is
listening n the wlan for communication, so you can get some ip's
talking.
> and spoof your network, they're clever enough to overcome just about anything
> else you try to foil them.
In my project I'm in phase 1, where no security is setup.
In phase 2 we will implement wpa-psk, but would like to differentiate,
so olsr-nodes is identified via wpa, but mobile users can get in
unencrypted.
My idea is to get a distributed radius-setup where every node is a slave
of the others, and users can be added at any node and be able to login
at any node that has been updated.
I'd like a distributed solution so that if the net breaks up, each part
will still be able to work, but as separate networks until the link(s)
is fixed.
Btw:
Anybody know of a radius setup that can do this?
Or somethinf else that can manage the user-database of wpa?
Thanx
--
Henning Wangerin <(spam-protected)>
More information about the Olsr-users
mailing list