[CUWiN] Node Scurity
dyoung at pobox.com
Thu Sep 23 09:02:49 CDT 2004
On Thu, Sep 23, 2004 at 05:38:15AM -0700, Michael Beale wrote:
> I know the CuWin project is designed for making
> community internet access open but I have a question
> about its security. How can you be sure someone
> doesn't put up an "unauthorized" node? Is there a
> possibility to encrypt communications through the
> nodes with either vpn or similar solution? Is there
> other security restrictions in place?
It is possible to encrypt communications with a VPN. Some of our node
hosts already use a VPN that in order to connect to the network at the
University of Illinois, for example. The wireless network looks to the
VPN software just like any other IP network.
We do not have any security restrictions in place. I think that there
need to be "threat models" for community wireless networks. That is,
before we can answer the question "is the network secure?" we need to
answer the question, "what do we want to protect against?"
I think that we need to protect against routing/forwarding misbehavior,
first---it could be very challenging! I think that some of our users
will demand a built-in VPN capability for the nodes; we can fill that
demand using NetBSD's native IPSec capability.
I'm interested to hear others' input on the topic.
David Young OJC Technologies
dyoung at ojctech.com Urbana, IL * (217) 278-3933
More information about the CU-Wireless