On Tue, Nov 18, 2003 at 01:31:08PM -0600, Johnny Fulcrum wrote:
> Hi all-
> 
> This may sound crazy, but I have need to limit the range of an access 
> point.
> I'm setting up a test environment for some RF guns (like warehouses use or 
> that you may see employes at target use) - and the bummer is that in my 
> situation the "guns" are basic dumb terminals and use a telnet client to 
> connect to servers on a wired LAN.  The "guns" run DR DOS and can do 
> absolutly not encryptions/security/secret stuff...  it's a pure telnet 
> connection from the gun to wired LAN server via a access point.
> 

I'm familiar with these, you can get a command prompt on the unit by hitting
function enter I think, pretty cute.

> Besides moving my whole development/test environemt to a DMZ zone out side 
> of my firewall, I am hoping to use MAC/IP filtering/ACL at the AP and the 
> firewall and severly limit the range of the AP (and limit the amount of 
> time that it is running)...  can this be done?
> 
> The access point is a Symbol Specturm24 3021

You're relatively safe from people snooping on your network or connecting,
the Spectrum24 3021 is a 2mbit FHSS device, for which there was never really
much consumer equipment. You can't sniff it, or connect to it from any of
the 802.11b/g/a equipment on the market, nor can you even detect it with
those cards.

They also don't have an equivalent of the 'ANY' ESSID, which means they
would have to know the SSID of your access point to connect.

The only configuration I know of that will allow you to *see* FHSS access
points existance without already knowing the SSID is an BreezeCom 802.11
FHSS card running on linux, with a 2.2.x kernel (and they won't associate)

That said, it's still security through obscurity, but beyond mac address
filtering there's really not much you can do with that particular setup.

-- 
Matthew S. Hallacy                            FUBAR, LART, BOFH Certified
http://www.poptix.net                           GPG public key 0x01938203

_______________________________________________
Twin Cities Wireless Users Group Mailing List - Minneapolis/St. Paul, Minnesota
http://www.tcwug.org
tcwug-list at tcwug.org
https://mailman.real-time.com/mailman/listinfo/tcwug-list