[Ham-80211] Access control suggestions
jeff at aerodata.net jeff at aerodata.netWed Nov 3 17:27:30 UTC 2004
- Previous message: [Ham-80211] Access control suggestions
- Next message: [Ham-80211] Access control suggestions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Steve: If I am not mistaken, Icom was actually trying to DISCOURAGE hams from using WiFi, instead trying to encourage them to use their proprietary D-Star system. I saw one of their powerpoint presentations (DCC?) in which they had a slide that stated why hams should not participate in the Hinternent/WiFi. But I could be wrong, most certainly I'd like to see your thought/suggestion of support be reality. As to frequency, we share a subset of the band with the Part 15'ers, so getting away on frequency, using cheap COTs equipment I don't think is a option. However, there are other ways to make the system "incompatible" which will have the same desired effect. One of the projects I have been following closely, and am a active user, is the SVEASOFT WRT54G Linux project. You can see it here: http://www.linksysinfo.org/ http://www.sveasoft.com/modules/phpBB2/index.php The WRT54G is a 802.11g router the runs Linux. One of the "problems" of Linux is you often have to release source, and LinkSys had to just that. And what has happened as a result of this is quite a number of projects that have enhanced this router (and added to LinkSys's bottom line I might add!). So, I suspect it might be fairly easy to create a "non-compatible" fork of the source code for hams, that would keep 99.95% of the general public out of our space. Now, if only the Japanese manufacturers could open source their products, we'ed really have something! -Jeff wb8wka > Here's a thought. How about we work with major > manufacturers such as Icom (who already has wifi > products), yaesue, kenwood, etc. to get them to > produce a ham radio specific WiFi solution. The > technology would be identical to existing products. > Only difference would be is setting the RF equipment > to work on ham radio frequences that do not fall on > the shared part 15 frequencies. If they contracted > with companies such as Orinoco, Linksys, Cisco and > other wifi producers, there would be very little > startup costs. Just a matter of firmware > modification (I think) to use ham specific frequences. > If that could happen, then we would not have to worry > about the mixup between part 15 and part 97 users. > > IF they can do this for under $50, even under $100, I > could jump out and buy one. > > Thoughts? > --- dubose at texas.net wrote: > >> Please don't get "overly" concerned about access >> restrictions. >> >> Rmember that just as repeaters are open...they are >> however on amateur radio >> frequencies...this does not prevent someone who is >> not licensed from >> transmitting on that frequency. You take normal >> precautions against improper use. >> >> With 802.11b you are sharing the frequency with >> un-licensed individuals so you >> need to make a reasonable attempt to restrict access >> to you AP/network.you rig >> is any of these are operating under Part 97. >> >> MAC, IPs in the 44. domain or a published WEP are a >> reasonable attempt to keep >> unauthorized access to your Part 97 operation. >> Clearly if you see unauthorized >> operation as the station controller, you take >> appropriate action but other than >> that, if you believe that you have taken reasonable >> care to prevent unauthorized >> access, then that solves the problem....but feel >> free to lock it down as tight >> as you please. >> >> I have chosen to use the Public WEP key published on >> the ARRL/HSMM web pages. >> >> Walt/K5YFW >> >> >> > On Mon, Nov 01, 2004 at 09:31:28AM -0800, Steven >> Phillips wrote: >> > > That still leaves one question open. The AP is >> still >> > > being used under part 97 rules. Is using static >> IP >> > > assignments under AMPERNET sufficient access >> > > restriction? Part 15 users can still connect to >> the >> > > AP, but they will not get any network access and >> can't >> > > do anything beyond connecting to the AP. This >> is >> > > because they will not have an IP address. The >> only >> > > exception I can think of is if the general >> public >> > > discovers the AMPRNET IP scheme and assigns >> themselves >> > > an IP address? Simple solution. When a person >> > > applies for access to the network, require them >> to >> > > provide the unique MAC address of their WLAN >> card(s) >> > > and do a MAC check during authentication. If a >> person >> > > does spoof an IP, they still won't have access >> because >> > > they do not have an authorized MAC address. >> > > >> > > So, there's my $20 worth. Let me know what you >> think >> > > and if you have any thoughts about my >> suggestions. >> > > >> > >> > Steve, >> > >> > MAC authentication is very weak. One need only >> eavesdrop on your AP to >> > find out the authorized MACs. Ditto IP address >> authentication. >> > >> > Keep in mind that for a person to "operate" your >> Part 97 AP, their >> > computer needs only to send your AP an 802.11 >> packet. Virtually any >> > 802.11 management request (Probe, Authentication, >> Association) will induce >> > your AP to send a response. Also, your AP will >> probably produce a CTS >> > response to any RTS packet, regardless the >> RTS-sender's authentication >> > status. Sending your AP a data packet will >> likewise yield an 802.11 ACK, >> > or even a Deauthenticate response. As a matter of >> course, your Part 97 AP >> > is going to receive Probe Requests from 802.11 >> stations that are scanning >> > for APs. A clever and malicious person may be >> able to make your Part >> > 97 AP send a flood of packets all day long, >> without ever authenticating. >> > >> > Dave >> > >> > -- >> > David Young OJC Technologies >> > dyoung at ojctech.com Urbana, IL * (217) >> 278-3933 >> > >> > _______________________________________________ >> > ham-80211 mailing list >> > ham-80211 at lists.tapr.org >> > >> > https://lists.tapr.org/cgi-bin/mailman/listinfo/ham-80211 >> > >> >> >> >> _______________________________________________ >> ham-80211 mailing list >> ham-80211 at lists.tapr.org >> > https://lists.tapr.org/cgi-bin/mailman/listinfo/ham-80211 >> > > > > > __________________________________ > Do you Yahoo!? > Check out the new Yahoo! Front Page. > www.yahoo.com > > > > _______________________________________________ > ham-80211 mailing list > ham-80211 at lists.tapr.org > https://lists.tapr.org/cgi-bin/mailman/listinfo/ham-80211 >
- Previous message: [Ham-80211] Access control suggestions
- Next message: [Ham-80211] Access control suggestions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the ham-80211 mailing list