On Fri, Sep 9, 2011 at 11:33 AM, David Walker <davidianwal...@gmail.com> wrote:
> Hi.
>
> I'm using some old gear that doesn't support WPA or better (WEP only).
> Until I get around to that what are my options security wise?
>
> Here's the machines:
>
> inet <-> OpenBSD <-> CPE AP <-> USB <-> OpenBSD <-> desktops
>
> The AP is some Cisco or something. Like those WRT54s and whatnot.
> I notice it has options for L2TP pass through and maybe IPSEC and PPTP.
> I'm not really sure how they work that (no man pages of course).
> The USB stick is old and WEP only (Netgear MA111).
>
> I have control over all the machines
> It's a bit dual purpose - it's my route to the internet so I figure
> encrypting/decrypting at the OpenBSD machines or tunneling between
> them or something is probably good but the plan is also to access the
> immediate inet OpenBSD machine from the desktop end OpenBSD machine
> via SSH at some point but I'm not sure if that matters.
>
> I'm unfamiliar with all of that (yes even SSH).
> I'd like to use something that's in base at a minimum.
> If it's conceptually simple that's a bonus.

http://www.openbsd.org/faq/pf/authpf.html

or you can slightly modify this one, which is quite old, but not much has changed in fact:

http://www.openbsd-support.com/jp/en/htm/mgp/pacsec05/index.html

>
> Best wishes.