LISTSERV - HP3000-L Archives

HP3000-L Archives

May 2002, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L May 2002, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Re: OT: Wireless Security (for Greg, re wireless subnetting)
From:	Denys Beauchemin <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Sat, 11 May 2002 22:36:02 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (163 lines)
The Verizon Wireless current offering for wireless nationwide Internet
access use CDPD technology.  This is the same thing I use when outside the
office.  I get mine from HPQ, called iPAQnet.  The principle of operation is
that the PC-card, in this case a Sierra Wireless AirCard 300 has a unique IP
address in its memory.  Whether I place the card in my Pocket PC or my
notebook, I have the same IP address and can access the Internet wirelessly
virtually anywhere in the US, riding on excess cellular phone networks.  All
this costs me $39.95/month for unlimited usage and unlimited roaming.  This
is a deal if I ever heard of one.  The downside is that it is slow,
(19.2Kbps) but it is quite reliable.  I have accessed my email and the www
from inside an airplane, waiting to push back from the gate.  I can leave my
notebook connected to the Internet overnight at the hotel room and get all
my mail.  I have used it in cars, (not me driving,) planes (on the ground,)
rental car busses and other such conveyances.  As long as there is digital
cellular phone service, CDPD usually is available.  Verizon Wireless also
offers CDPD, but I cannot find their rates.

We have all heard about the imminent arrival of CDMA2000 and other such
2.5/3G wireless access technology.  Actually at the Houston airport 2 trips
ago (week before last), there was a man from Verizon trying out that
network.  He managed to get 44Kbps.  This technology uses an AirCard 550.
It is not anywhere near as pervasive as CDPD, but it is about 2-3 times
faster.  The industry keeps talking about wireless broadband with rates
close to 384Kbps.  Well, it ain't here yet.  Also, after a year of using
CDPD and Pocket PC, I am here to tell you that 3G phones are NOT the killer
app everyone makes them out to be.  I would much rather access the WWW on my
21 inch monitor at the office or on my 15 inch LCD panel on my notebook.  It
is barely usable on the iPAQ Pocket PC, which has a 3.5 inch LCD.  On a
phone, it will be useless.  I must note however, that many sites are
sprouting special pages for PDAs.  For instance Continental.com, the airline
I use most (home town is Houston,) has a special page for PDAs, called
pda.continental.com.  There you can get flight status and such information
and it is formatted for a small screen.

However, whenever I can, I would much rather access the Internet via WLAN.
It is so much faster.  When I was at Comdex last fall, I used my CDPD card
in my iPAQ while on the show floor.  I had a lot of problems getting a
connection to CDPD.  Then two things dawned on me.  1- Everyone was using
their cellphone to stay connected to the office, each other and with their
families (this was just a few months after homicidal Moslems attacked
civilization,) and so there was virtually no residual bandwidth.  2- There
were lots of booths showing off wireless gear, such as access points and
PC-cards.  I pulled out my WL110 card and let my iPAQ scan the airwaves.
Inside of 4 seconds, it had detected 24 APs.  I selected one of them and
sure enough, it was wide open and had access to the Internet.  I downloaded
my mail inside of a minute (50+ messages.)  I could also check news web
sites to see if the world was still spinning.

WiFi, Wireless Fidelity, is a certification that manufacturers of 802.11b
devices like to have for their offerings.  This certification means that
your WiFi gear should work with other WiFi gear without any problems.  The
802.11b WLAN protocol supports 11Mbps maximum and runs in the 2.4GHz radio
band.  You can set up your access point to use WEP (Wire Equivalent Privacy)
encryption.  There is 40bit and 128bit encryption.  If you do not have WEP
enabled, anybody can connect to your WLAN as long as they are close enough,
and if you have a DHCP server, they can be served an address and the
credentials needed to access the Internet if the WLAN has a gateway to the
Internet.  There are many sites set up exactly like this and this is what
this thread was about.  There are even web sites that indicate where such
sites can be found.  You can also find them near airport lounges, high-tech
conferences and other such venues.  If WEP is not enabled, you might be able
to access the Internet for free, over the airwaves.

WEP is actually a pretty feeble encryption mechanism, which has been found
to be easily circumvented.  A program called AirSnort, which runs on Linux,
can break the 40-bit key with about 1000 packets that it plucks out of the
air for a WLAN network.  The 128-bit key takes longer or has not yet been
broken, I can't remember.  At any rate, if someone is running around with
Linux notebook and a WLAN card looking to break into WLAN networks, well
good for him.  He won't find much here, but I am now using 128bit WEP to
prevent the casual users from entering our network or gaining access to the
Internet via our gateway.  Who knows what filthy crap they might send out or
how much spam could originate from our gateway.

802.11a is a WLAN protocol that runs at 54Mbps and runs in the 5GHz band.
The speed is higher but the distances are shorter.  Beyond this, there is
802.11g, which is 54 Mbps running in the 2.4GHz band and which can co-exist
with 802.11b.  The Europeans also have a new protocol called Hyper/LAN2 or
some such thing.  It is similar to 802.11a.  There is also 802.11x, which
will add authentication for users on the WLAN.  No new hardware needed, just
some software.

All this to say, that there are many ways to access the Internet and email
without wires.  It's only going to get better.  In the meantime, shop
wisely.  CDPD should cost you about $40/month for unlimited access around
the country.  CDMA2000 and other 'newer high-speed' access cost considerably
more.  They want to meter the megabytes and the time.  Beware!  I would much
rather have unlimited 192.Kbps access, any time anywhere for $40/month than
pay the outrageous fees I have heard bandied about for the other
technologies.  When I travel, I want to remain connected at all times.  CDPD
does it for me, albeit slowly.  WiFi is great when you can connect for free.


Denys

-----Original Message-----
From: HP-3000 Systems Discussion [mailto:[log in to unmask]]On Behalf Of
[log in to unmask]
Sent: Friday, May 10, 2002 10:34 AM
To: [log in to unmask]
Subject: Re: OT: Wireless Security (for Greg, re wireless subnetting)

And, while I was chasing down info on WiFi and the state of the art, one of
the items I found of interest was the people apparently scan for wireless
"hot spots", and, presumably, what needs to be done to access the nominally
secured networks. Some argue that they are doing no harm by piggy backing
wireless access on someone else's open wireless network. I haven't read up
on all the arguments, because this is not something I would ordinarily do
myself; if I found my wireless device connecting to someone else's network,
I think that I would try to notify their admins, rather than give their
admins cause to come looking for me. At the other end are the Starbucks et
al who provide wireless connectivity for casual use, which I do find
interesting. If I were interested in being always on, anywhere I go, I would
probably ask Denys what he knows about Verizon Wireless's offerings. And I
doubt they would support my old CE 2.11 device.

Rest assured that our admins are very much aware of what I am doing, and
that I have promised to keep them advised of whatever I work out for my own
use. One of them has likewise warned me of dire consequences if I really
mess up, such as setting up a DHCP service, such that it starts answering
requests meant for THE DHCP server (I have assured him that I have no
intention of running a DHCP service), or if I manage to manually assign
myself a fixed IP address in our range that conflicts with another device,
either before or after the fact, or otherwise create conflicts with our
business network. He has tools, and has promised to use them on me without
warning, should I break anything. We both know that this is yet another way
of basically "punching a hole" right thru our firewall, and it needs to be
properly secured.

The device I am using has a range of 100 meters indoors. I am using the
highest encryption setting that the devices support. I am using a WEP key
with passphrase, which, if you can guess, you probably qualify for 48 hours
of psychiatric observation. And, I take the devices with me when I leave for
the day, so it is not sitting around waiting for off-hours creative
mischief.

Then again, I really don't have this correctly configured right now, such
that Windows 2000 is not loading drivers for the USB device this morning. So
I assume the device is fairly secure, at the moment.

Greg Stigers
http://www.cgiusa.com

> -----Original Message-----
> From: Tom Emerson [mailto:[log in to unmask]]
> Sent: Thursday, May 09, 2002 5:55 PM
> To: [log in to unmask]
> Subject: OT: FW: Wireless Security (for Greg, re wireless subnetting)
>
>
> While I was composing my response to Greg re subnets, this
> item popped into
> my inbox -- while probably spam for many, it does fall in
> line with "the
> next thing you have to worry about" when you set up "wireless"
> hubs/routers/etc.

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
ATOM RSS1 RSS2
RAVEN.UTC.EDU