We just setup our first PtP link with Mikrotik software. Was wondering what everyone recommends for security. Currently I have static WDS bridging set up running in 802.11G-only mode. Was curious what you guys were using to secure your backhaul links?
Eric Sooter
The Junction Internet LLC
I’d like to know this myself, what is keeping people from connecting to these backhauls and breaking them? Does anyone recommend using WEP?
Also, Turn off the Default Auth. settings on the interface and in the access list under wireless add the MAC address of the other end.
We currently use a proprietary system for our backhaul links, but plan on implementing MT at some point.
MAC filtering will keep unauthorized users off the link, but you can still passively capture packets using something like airsnort or kismet without having to associate to the network.
If security is high on your prioriety list then you’ll have to encrypt the data somehow. IPSEC/L2TP, or PPTP are probably your best bet, but these protocols add overhead. If the data is not that sensitive, you could use WEP, but WEP is easily broken, and I never recommend it as a method of securing data. It’s nothing more than a speed bump…
Turn on the NSTREME 1 Mode (Polling) airsnort and kismit will see that packet but will not decode them (as of now)
Remember, just like the Karlnet Turbocell system, after a some time someone will crack some of the code.