> Has anyone had any experiences with the wire less network. good or bad, > speed other comments > We are moving and the new place does not allow any holes. They work well, but even with WEP encryption the encryption key can be cracked by a person evesdropping on the network with tools like kismet, etc... given enough time. And not very much time, really. Basically the consumer-grade stuff should be considered insecure for commercial use. Used in a home, it's probably "okay" but if you're super-paranoid, no. Look for a Wireless Acess Point that either integrates a VPN solution where all authenticated users are encrypted over a high-encryption tunnel to a server, or build a solution that brings your users to a VPN router (only) and they have to log in with a VPN client and authenticate before they see the "rest" of the network. Other solutions are to use access points that are starting to deploy the new 802.11i security standard, where the WEP key is rotated quickly (usually every packet) so cracking the key becomes a huge order of magnitude more difficult. For commercial uses (far too expensive for home use), Cisco has been using this type of rotation and the ability to flash the encryption key into the wireless cards themselves (so the end-users never get them so they can't "share them with a buddy") as their proprietary security protocol for a while now. Their AP's also integrate nicely with their firewall products (Cisco PIX). Their products should definitely be considered superior over the other non-commercial-grade stuff if you're doing a permanent wireless deployment in a business environment. Lucent's gear used to be good, but was always underpowered on the RF-side, meaning more access points, but less chance that someone outside the intended area will be able to receive the signal. In other words, there's a bunch of ways to make them secure, but using a consumer-grade access point will definitely not be totally secure long-term, and anything coming from the wireless side should be treated "with prejudice" until the user is authenticated and a secure tunnel has been built to their machine, or a better WEP algorhythm is used. There's a large number of ways to do this. On the flip side, huge numbers of people do use the standard 128-bit WEP for security daily for home and business use, and even though it's trivial to crack, the chances that someone cares enough about your network to do it "for fun" are fairly low -- "wardriving" is still a big past-time of some people though. And if you ever have any enemies who really want to cause you trouble, they'll be able to if they park close enough to your house. :-) Also plan your RF coverage carefully if doing an office or multi-story home... walls with steel inside of them act as nice Faraday cages, even standard wood stud walls block some signal at 2.4 GHz, of course. Also metal-impregnated windows, etc. You'll probably need more access points than you think to cover a large office space in a typical commercial building. Many consumer-grade AP's don't handle "handoff" between multiple AP's very well at all. And anything that builds a TCP session like the VPN solution listed above could have trouble when the user goes "roaming" 'round the office. If doing the home, just try to centrally locate the AP in-between all the rooms you'll want access in. You may find that if you need outdoor access, you might have to use an add-on gain antenna indoors -- plenty of those with the proper connectors for whatever AP you buy available on EBay and elsewhere. Nate Duehr, nate@natetech.com -- http://www.piclist.com hint: To leave the PICList mailto:piclist-unsubscribe-request@mitvma.mit.edu