I wouldn't bother with WEP if I used VPN. It'll just slow the connection a tiny bit and eat up batteries on a laptop a tiny bit faster. But as Sk3ch pointed out, this is your mother's place, not yours or mine. We can handle monkeying with VPN. We like doing that. We like SSH. Your mom probably does not. (No offense to any mothers on the list!) Keep it simple unless you like not only setting this technology up, but also supporting it every time the power goes out or Windows bombs. John > -----Original Message----- > From: tclug-list-bounces at mn-linux.org > [mailto:tclug-list-bounces at mn-linux.org] On Behalf Of Jason Jorgensen > Sent: Monday, December 29, 2003 1:34 PM > To: TCLUG Mailing List > Subject: Re: [TCLUG] Wi-Fi security question > > > I would set it up so only VPN's would get any access. > > I would setup a DHCP server and a VPN server of some type (freeswan, > vtun) on the wirless network . Then anyone that breaks the WEP doesnt > get much access at all, not even internet access. The VPN connection > could be trusted behind a firewall. > > > The Wandering Dru wrote: > > > My mom is looking to go the wireless route in the near > future for her > > laptop. I know a lot of you that use wireless put the AP > on the DMZ > > of your firewall. > > > > My question is this, do you pinhole the firewall to allow certain > > services(ie, filesharing, printing, etc.) back into the LAN > or do you > > just limit the AP to internet access? Or is there some other fancy > > way to allow these services that I'm not aware of? I'm mostly just > > looking for a security/convenience trade-off comparison. > > > > I have nearly no expereince with wireless and would like to come up > > with a plan/cost before I go buying stuff willy-nilly on my > mom's bill. _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list