Wireless security

[David Aikema]

I placed an order on an apple ibook last week and it's scheduled to be 
available for pickup midweek.  I'll be acquiring an airport (802.11b) card at 
roughly the same time so that I can tap into the wireless network at 
university.

I've been considering either acquiring one of those Linksys WAPs or a Linksys 
wireless PCI card and hooking it up to my server so I can enjoy some newfound 
portability around the house.  I had some rather poor experiences with linux 
compatibility of linksys NICs before, but the drivers appear to compile on my 
server.  Kurt: you mentioned in the Wireless networking SxS that you're using 
some linksys wireless stuff.  Did you encounter any problems getting the 
cards to work properly?

Anyways, one thing that has been bothering me is security.  Is it a little 
paranoid to be thinking that someone is likely to hack into a WEP-encrypted 
(home) network? (WEP ain't exactly stellar encryption, but I understand that 
you'd have to sniff the traffic for a while to be able to break through).

I'm aware of NoCatAuth (http://nocat.net) which would appear to offer 
authentication support, but (a) it warns against the authenication server and 
gateway being the same machine, and (b) ipchains support in NoCatAuth is 
borked according to the TODO file in the package and I don't feel any urgent 
desire to update that machine.

One other option that has come to mind is using some sort of (encrypted) VPN 
tunnelling over the wireless connection.  Hopefully there's some easy way to 
make this basically invisible to the end user after the initial setup.  Has 
anyone experimented with an approach like this?  Would something like this 
add much CPU overhead? (server is a p233 mmx).

David Aikema