Books
in black and white
Main menu
Home About us Share a book
Books
Biology Business Chemistry Computers Culture Economics Fiction Games Guide History Management Mathematical Medicine Mental Fitnes Physics Psychology Scince Sport Technics
Ads

wireles network hacks mods - briere D.

briere D. wireles network hacks mods - Wiley publishing, 2005. - 387 p.
ISBN: 0-7645-9583-0
Download (direct link): wirelesnetworkhacks.pdf
Previous << 1 .. 60 61 62 63 64 65 < 66 > 67 68 69 70 71 72 .. 87 >> Next

Chapter 8: Staying Safe in the Wireless World 141
Figure 8-2:
Running your own authentication with LucidLink.
FreeRADIUS: If you’ve got a Linux box in your network and you feel comfortable compiling software (if you’re a Linux user, you know what this means — if you’re a Windows user, and you don’t know, don’t worry about it), you can get into the RADIUS world for free. The aptly named FreeRADIUS project is designed to provide a full service, industrial-strength RADIUS server that can support even a large-scale Wi-Fi network.
To find out more about FreeRADIUS, and to download the latest build of the software, check out the project’s Web site at www.freeradius.org. You can also find a great online tutorial telling you how to get up and running with FreeRADIUS at the following URL: http://tldp.org/HOWTO/html_single/ 8 021X-HOWTO/.
Another open source project for Linux users that might come in handy is the Xsupplicant project (www.open1x.org). This software project provides an 802.1X supplicant client software for Linux users, equivalent to those supplicants included in Mac OS X and Windows XP.
Using an 802.1X service
If you don’t have the time and energy (or the spare computer) to run your own RADIUS server, tying your network into a hosted authentication service is a good alternative. These services require you to make just a few simple settings in your access point(s) (we’ll let you know which settings), and then set up your PCs using either your own supplicant software (built-into the OS) or a piece of client software that makes it even easier to get up and running.
142 Part II: Boosting Performance on Your Wireless Network_____________________________________
These hosted authentication products often have a “per-license” fee structure. In other words, you must pay more for each user or incremental bunch of users you add to the network. Users aren’t just people using computers — they can also be devices on your network involved in machine-to-machine communications like storage devices, audio servers, or Xboxes. So although these hosted authentication products are often reasonably priced, if you add many users or connected devices to your network, you may end up finding a better bargain by configuring your own authentication server software.
Hosted authentication services are a relatively new thing on the marketplace. Tons of alternatives aren’t available yet, but home and small office users do have a few choices. A couple of our favorites include
^ Wireless Security Corporation’s WSC Guard: Found at www.wireless securitycorp.com, this service provides a completely hosted and easy-to-use RADIUS authentication service for users ranging from a single AP and a few users up to bigger networks with dozens of APs and hundreds of users. WSC Guard uses the PEAP (Protected EAP) protocol for authentication, and can be used with a long list of Access Points (the WSC Web site has an ever-growing list of compatible models).
WSC Guard has a few unique features that make it particularly user-friendly:
• Client software that takes care of both the supplicant client and all of the AP and client configuration. You don’t need to spend any time in your AP’s Web configuration page or in your PC’s wireless config systems (like Windows XP Zero Config).
• Free guest access for up to 48 hours at a time. You don’t need to bump up your account to a higher number of users if you have occasional guests on your network. Guest users can download the free client software, or they can configure their computer’s own supplicant programs (manually or using an Active X control on the WSC Web site) for access.
• A Web-based management portal where you (as the “admin”) can add users, delete users, control access levels, and more.
Figure 8-3 shows the WSC admin page. The service starts at $4.95 a month per client (less per month for larger networks, or if you pay for a year in advance).
^ WiTopia’s SecureMyWiFi: The closest competitor to WSC Guard is the SecureMyWiFi service offered by a company called WiTopia (part of a company called Full Mesh Networks). WiTopia’s service offers many of the same service features as WSC Guard, including a Web-based management “admin” portal, and hosted PEAP-based 802.1X authentication services. You can find out more at www.witopia.net/aboutsecuremy.html.
Figure 8-3:
Configuring your users with WSC Guard.
Chapter 8: Staying Safe in the Wireless World 143
The big difference between the two is philosophical. Whereas WSC Guard uses client software to configure APs and to control access from the PC (limiting the service to Windows XP and 2000 users — other operating systems can use it but are not officially supported), SecureMyWiFi relies upon the supplicants built into Windows XP/2000, Mac OS X, and some versions of Linux, and in doing so supports more users with mixed networks. You need to spend a few minutes configuring your equipment, but it’s not difficult (we walk you through the general steps in the next two sections and WiTopia has specific instructions on their Web site). The big advantage is price — the service is just $29 a year for one AP and up to five clients (with additional fees for extra clients and APs). The one thing we think is missing is the free guest access found in WSC Guard — if a guest accesses your network and you’re already at your limit of clients, you either have to pay more or not allow the access. Figure 8-4 shows the SecureMyWiFi admin console Web page.
Previous << 1 .. 60 61 62 63 64 65 < 66 > 67 68 69 70 71 72 .. 87 >> Next