OpenWlan

The real setup is described on SlackWare. This page is about *open* wlan – no encryption, anybody can join, good or bad?

SlackWare

I still dream of an **urban open wireless network** – I don’t know whether that kind of thing ever took off; at the time it seemed that some cities such as Seattle where on the right way.

Seattle

Security Considerations

Open Wlan is good but I strongly advise you to find another solution. Unless you are willing to put serious effort to secure your lan.

Some concerns:

Is your smtp server protected by password andd uses encryption? If not anybody will be able to send mail through it, and if someone uses this for a bad purpose, your isp will just point at you.
Are your pop servers encrypted? if not anybody will be able to read your mails, sniff your password and steal your mails.
What if someone starts to uses your connection to access content with pedophilia or other. Again your isp will point to you.
What if someone starts to download movies 24/24 with your connection? Are you going to triangulate to find him or set up some bandwith control or encrypt your network?
your router probably act as a firewall, thus protecting your machines, but by granting access to your network you will have to be a lot more carefull. (which is probably not a bad idea anyway....)

And I think that all these things are pretty simple to do.

So I really think you’d better buy a small switch or hub and and stop using wifi on your desktop pc, or exchange or sell your card to buy a new one that is better supported under Linux. If you still want to share your connection you can put a note on your web site saying that your are will ing to give your key so that you know to whom you give access. – PierreGaston

Good points, all of them. As for mail and other services, I didn’t have a firewall before, so all your points were just as pertinent then as they are now. I have an SMTP server that only does local delivery on the desktop; on the Mac I don’t think there is one. telnet localhost smtp gives me “connection refused”. My gnu.org mail travels the net as plain text, but the password is encryptet (APOP). My thinkmo.de mail (ie. emacswiki.org for me and orientalisch.info for Claudia) is encrypted (POP3 + SSL). As for other people misusing my network for criminal deeds, I don’t think I can be made responsible for that. If I leave my car unlocked and somebody takes it and runs over somebody else, I can hardly be called an accomplice. Maybe negligence. But then again I bought the weakest access point they had with a reach of 14m and going through one wall only (as they said in the shop). So chances are that I give access to my immediate neighbours above and below access. The guy below is an old drunk; the kids above look like ordinary students. 😄

I just need to remember all of this when I decide to buy a printer and connenct the printer to the AirPort Express... Same thing is true if I ever decide that I want to share drives...

– Alex Schroeder

Alex Schroeder

Still there are little differences, like if I want to read your mails, I have to gain access somewhere where your packets passes, which is not that easy, unless you work for an ISP for instance and then it’s a bit different. For instance, when I was managing a mail server I never opened a mail and I even never thought to do so.

As for the responsability the difference with someone who steals your car is that in this case it is fairly easy to prove that somebody else was driving. If someone launch a virus from your IP, it might be bit more complicated.

I may sound a bit paranoid (what?? you didn’t use a firewall 😉) but over the years I have been the witness of more and more attacks on pcs (mostly on windows machine) and even if you don’t follow my advice a page like this might be usefull to warn some people about some of the dangers of having a wifi network without encryption .

PierreGaston

Hehe. Yes, **no firewall**! If you are using Windows, you never know what services are running. On my Linux boxes, however, I just disable the services I don’t need. No ftp server, no IMAP or POP servers, no news server, no NTP server, no message server, nothing. Sometimes Apache, sometimes SSH. That’s it. No shares made available via Samba or anything like that. – Alex Schroeder

Alex Schroeder

How did I get here?

The Slackware Help Forum mentioned a wireless card with encryption. Bought a Netgear WG-311T. It needs madwifi, they say. Got the madwifi drivers from cvs, make, make install, ... And tried it for hours. Asked for help on #madwifi. Fiddled with _etc_rc.wireless.conf. Built athstats in the tools subdirectory. Disabled WEP on the network. To no avail. Eventhough I sometimes saw the ID of the AirPort Express when I used iwconfig – the ath0 interface was there! I was never able to actually run dhcpcd -d -t 10 ath0. That one always timed out and a subsequent ping failed. I was not online.

a wireless card with encryption

madwifi

cloink’s suggestions did not help. Didn’t find anything in the madwifi faq did not help, either. What’s frustrating is that it seems to work perfectly well under SuSE.

cloink

madwifi faq

SuSE

(

Damn, just googled around and found another WG-311T + Linux success story.

another WG-311T + Linux success story

I was giving up, preparing for bed, when I reconfigured the network to again be unprotected, rebooted the machine, and just issued an ifconfig ath0 up without any fancy iwconfig stuff. Then tried a simple dhcpcd ath0. And it worked. Whaaat!?

Ok, reinstall the WEP thing (how do I use the WAP alternative on Linux?)... More time passes. Nope. Trying WPA – getting wpa_supplicant, reading, building, installing, cursing – does not help!

Finally forcer on #wiki reminded me – open wlan is *good*. So be it. 😄

Alternatives

Alternatively, give your neighbours the up-side-down Internet, or the blurry web! ¹