-
Wireless Networking
Ok Scorp666, let me put it another way, in order to transfer reliable data over the airwaves it has to be free from interference. The 802.11b standard is transmitted and recieved over a 2.4ghz radio spectrum (about the same as your microwave oven), in the USA, FCC will allow us to use 11 specific channels for this purpose without having to obtain a license to use it, this makes 802.11b cost effective, the equipment is reletivly inexpensive today (mine cost me a fortune) and if done properly can obtain superior results. I hold an advanced/extra class FCC license, I tell you this so you won't think I am filling you full of BS ;) the 2.4 ghz radio spectum (microwave) will not pass through most organic substances, they cause signal deflection actually effectivly scrambling your data. In order to reliably transfer data without a line of sight connection it would have to be at a lower frequency, like UHF/FM. With these lower frequencies you will run into other problems, interference from other radio transmitters, power lines, etc. To work around that the only reliable equipment is commercial, This equipment will run on a frequency that will have to be issued to you (at a phenominal cost) by the FCC, this will require the FCC to survey the topology of your area, in an effort to find a channel that will be reliable. This might take months for them to complete...are you starting to get my drift here? Unless you have a boatload of money to pour into an insecure network, then you will want 802.11b for cost effectiveness, which means you will have to build a tower to mount your base antenna to. I had two 180 foot free standing towers 30 miles apart (at $40,000.00 each!!) reliably connected, only with this method I had then erected 2, 180 foot lightning rods connected to my wired lan at each end of my network. You can imagine what the outcome of that was... :zap:
We now have fiber... :rolleyes:
-
Scorp666,
As the machines will always be the same, for added security you could lock the AP down to anly accept connections from specific MAC addresses. But keep in mind, MAC addresses can be spoofed.
I would also place the AP on its own VLAN, and have access lists on the router. Also, if they need access to only a small selection of server, they could also be placed on this VLAN, and change your ACLs accordingly, this is a lot more secure. Or an even better soltuion, is having this area its own DMZ (if possible, depends on how many spare FW interfaces you have).
In my opinion, implementing WEP only slightly better than having it in clear text, as WEP can be broken in pretty much real time. So I would recommend using Kerberos or similar, but I suppose that WEP is better than nothing.
