Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Securing wireless SIP comms through WEP on WAP2 network

  • 26-06-2008 9:33pm
    #1
    Registered Users, Registered Users 2 Posts: 668 ✭✭✭


    Hi All,

    I have been waiting and waiting and waiting.....etc...for a wireless SIP manufacturer to release a wireless handset that supports WPA2 wireless networks.

    Alas, I have given up waiting and am going to bite the bullet and buy one that can only do WEP. The challenge is that I dont want to downgrade my entire network security to WEP.

    As such, I am wondering if anyone can suggest how I could install a new wireless access point on the network and secure it using WEP, but only connect SIP devices to the AP. Given that the AP will be dedicated to SIP traffic, what could I do to lock it down in such a way as to minimise the changes of my network being comrpromised?

    I am thinking of the following:
    - Only open ports required by SIP (can this be done with a wireless AP?)
    - MAC filtering
    - Fixed IP address

    What else could I do? Not trying to break the bank here btw!

    Ta,
    Jab


Comments

  • Registered Users, Registered Users 2 Posts: 668 ✭✭✭jabaroon


    Forgot to say....some phones can do WPA, but I believe that this is very crackable and that WPA2 is really your best man!


  • Registered Users, Registered Users 2 Posts: 9,579 ✭✭✭Webmonkey


    From my understanding WPA is a lot more secure then WEP? WEP can be hacked in seconds. :confused:


  • Registered Users, Registered Users 2 Posts: 668 ✭✭✭jabaroon


    Webmonkey wrote: »
    From my understanding WPA is a lot more secure then WEP? WEP can be hacked in seconds. :confused:

    Hi Webmonkey,

    I think WEP can also be hacked pretty easily, but WPA2 is very tricky.
    As such, I really dont want to use WEP either, but if I have to, is there a way to secure it/isolate the traffic onto my main lan etc...

    Ta
    Jab


  • Registered Users, Registered Users 2 Posts: 3,739 ✭✭✭BigEejit


    As far as I know WPA-PSK can only be cracked by using a program to guess passwords (brute forcing), WPA2 similarly can only be cracked this way. A password that is long and is a mix of upper and lower case letters and numbers should be secure ..... there are online password generators that will make a random long password.

    What I do is copy and paste that password into a text file and put it on my usb stick, if I add another wireless client then just copy and paste the password into the wireless configuration utility.


  • Registered Users, Registered Users 2 Posts: 804 ✭✭✭TimTim


    This is a solution I've been pondering about before but I got a VoIP phone which has a base station that has an ethernet port.

    But if I had to do that, I'd buy a seperate AP and some sort of embedded linux box. Connect the AP to the linux box and then the linux box to your home network. Set up iptables to only allow connections to and from your VoIP providers IP.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 5,517 ✭✭✭axer


    How many phones are you talking about? What type of networking equipment (switches and routers) have you already? You could connect any AP to a managed switch that can put that AP (and others if needed) on a seperate VLAN and control the access that VLAN has to the internet and other devices on the network with an access-list or something similiar.

    There is the problem that someone could eavesdrop and listen to all the calls made by these phones since the person could capture the traffic and decrypt it with the WEP key.

    Is there a reason why you are not using the likes of the N95 (and probably any other nokia phone that supports WIFI and SIP) - maybe the E51? or are you looking for less of a mobile-type of phone? or are they too expensive?


Advertisement