Slashdot Mirror

← Back to Stories (view on slashdot.org)

Building a Wireless Network for an Apartment Complex?

Posted by Cliff on from the wave-of-the-future dept.

itwerx asks: "I've been asked to design a wireless infrastructure for an apartment complex. Tenants will pay an 'access deposit' and a monthly surcharge to get a PCMCIA/PCI/USB network card along with free installation and, of course, wireless Internet access. The buildings are arranged such that 2 WAP's per building should cover all the tenants (one WAP per side, far enough away to get line-of-sight through the windows). I do have a few concerns, however. All help is appreciated and when we're done we'll put up a HOWTO!"

"My concerns are the following:

  • Interference between WAP's (there's several buildings) - there are enough channels if we go 802.11a but cost is a concern.
  • Management of 'hitchhikers' - we're planning on manual assignment via DHCP/MAC address for tenants with others having all their HTTP requests get directed to an info page. Anybody done something different?
  • Interference from WAP's and other devices that may be owned by tenants! Should we just avoid the default channel and hope for the best?!?
What other things might I need to worry about?"

1 of 294 comments (clear)

  1. Re:IPSEC by SealBeater · · Score: 2, Offtopic

    This guy doesn't need real security

    That's the problem, attitudes like yours. I could care less about sniffing
    traffic, that's not the point, the point is to replace WEP with something
    better, and the goal isn't to stop people from grabbing credit card details,
    it's to prevent Joe Hacker from having an easy leap off point to lauch attacks
    against others. In addition, you don't need firewalls on the machines to
    prevent traffic sniffing, ipsec tunnels set up on the boxes that pass IP traffic though
    the wireless link work just as well. here
    and here.

    It sounds like if you had your way, he should just put up a couple of apple
    airports and forget about it. What myself and others are doing is trying to
    implement a reasonable amount of security when it should be implemented, at the
    beginning, and not as a duct tape fix after there is an incident and this guy
    has to explain why attacks were launched from his network. At any rate, the
    openbsd boxes with wireless cards is still the ideal solution, both from a cost
    perspective and a security perspective. There have been attacks against all
    the commercial wireless access points, ranging from expensive Ciscos to
    Breezecom to Linksys. The point isn't to have a totally locked down B1 and
    above security implementation, it's to make it the kid with the laptop decide
    to move on to Joe User's unsecured Linksys and not this guys network. I also
    assume that this guy is looking for a way to keep costs low, and this is the
    best way to do it. Somebody earlier mentioned Cisco Catalysts, yea
    right

    SealBeater

    --
    -- Its survival of the fittest...and we got the fucking guns!!!