[Soekris] Net4521 Console Help

Ron Watkins soekris-tech at malor.com
Sun Feb 11 21:43:25 UTC 2007 

For some reason, my first reply didn't seem to go through, so I'm 
repeating it:
**************************
Ma'am, you are projecting a very great deal here.  I wasn't even sure if 
you were female in your first post; you referred to your husband, but I 
grew up in California and just wasn't sure.  (You were, after all, 
posting from an account with a male-sounding name.)  I don't care if 
you're pink, have wings, and howl at the moon on alternate Thursdays; 
you asked a question and I was trying to both answer it and be 
helpful.   This later comment that has you going off sideways wasn't 
even to you, it was to Stuart Henderson, who asked for clarification.   
I'm writing, if you didn't notice, to a guy here, but you're flipping 
out that I'm being sexist?   WTH is up with that?

Updating a Soekris IS a PITA.  It takes at least another computer 
running Unix, and  because of the lack of a keyboard and removable 
media, it's often easiest to do it with a PXE boot setup.   There's a 
lot of steps and a lot of pain involved, unless you just happen to have 
a preconfigured DHCP/PXEboot/NFS server and/or a VMWare image sitting 
around.  Obviously it's doable, but if all you want is a basic router 
and access point, why bother?   Even if you're highly expert, it'll 
usually take 2 or 3 hours to set up that kind of environment from 
scratch.  If you've never done it before, it might be a day or two.  And 
if you go the easy VMWare image route (or a Linux LiveCD) and dd an 
image file over, you can run into trouble with disk geometry on whatever 
CF reader you're using.  That can take quite awhile to troubleshoot.  
What's your time worth?  

The custom Linksys firmwares like DD-WRT will cover about 98% of 
possible use scenarios.  If I were rebuilding my home network today, I 
might very well do this myself.  I like the tight control of being able 
to write my own pf rules in OpenBSD, and fortunately, that OS requires 
very few updates.  It's worth it now that it's all set up, but I'm not 
sure it would be if starting from scratch again.  DD-WRT is startlingly 
good.

I wasn't telling you not to use the Soekris because you are female.  I 
was suggesting that it was likely overkill unless you have very specific 
needs.  I would give that same advice to pretty much anyone setting up a 
home network: if you don't know exactly why you need a Soekris, you 
probably don't.... even if you already have one.

You say you need it... that's fine, use anything you like.   But I 
believe I will avoid answering further questions.

Katherine Carroll wrote:
> If you were really as smart as you think you are, you would have 
> inquired a little more about my network configuration and security 
> tools BEFORE calling me stupid to my face.  Well, I'm not stupid 
> socially or technically.  I'm not saying I'm the sharpest knife in the 
> drawer, but the last thing I need after my husband dying is to be 
> reminded about why I quit my computer career 3 years ago.  Arrogant 
> chauvinists like you who couldn't take any input from a woman that 
> drove me insane.  Regarding every question as a sign of inadequacy and 
> weakness.  I thought I was going to go postal.
> Well... in my situation anyway, I'm afraid that I'm stuck with the 
> "PITA" due to the way our network is configured.  A $52 router isn't 
> going to make this any easier.  Getting the NAT working is way harder 
> than hooking up a damn console.  Assuming that I can get things hooked 
> up "the way they used to be", I think that between ipchains and 
> m0n0wall, I should be okay for a bit.  Even if they are old revs...
> And like Stuart said, it's not that tricky to upgrade the software.  
> If you think it's that big of a pain just to flash a bios, and upgrade 
> m0n0wall then I clearly you're flashy red Ferrari isn't ever going to 
> make your penis big enough.
> Sorry guys, I had to vent!
>
> -K
>
> Ron Watkins wrote:
>> WEP is completely insecure and should be not be used.  It can be 
>> cracked in under 5 minutes with easily-available tools.  Someone 
>> sitting outside on the street with a laptop can be into your network 
>> so fast you might as well not even encrypt it.   Even WPA, while not 
>> directly crackable, is being attacked with brute-force password 
>> guessing.  It's best to use WPA2 with long, complex passwords.
>> If this person's radio is three years old, there's a very good chance 
>> it's still just 11b, and, thus, supports only WEP.   54g hardware has 
>> been out that long, but it was very hard to use with the freeware 
>> OSes back then.
>>
>> If you put the WEP link on an untrusted network, and use another 
>> layer of encryption on top, it could be perfectly safe, but that's a 
>> gigantic PITA to get running when very solid routers with full 54g 
>> are $52 after rebate. :)
>>
>> Stuart Henderson wrote:
>>  
>>> On 2007/02/09 22:03, Ron Watkins wrote:
>>>      
>>>> In all seriousness, this will probably be enough of a pain that you 
>>>> don't want to do this.  The soekris is superb hardware, but if it 
>>>> hasn't been used in several years, it's gonna require a huge amount 
>>>> of patching to get current, which is really hard on these 
>>>> flash-based systems,
>>>>           
>>> It has m0n0wall on it, so upgrading shouldn't be too tricky.
>>>
>>>      
>>>> and you're probably going to want a new radio for it.  It's 
>>>> probably 802.11b, which is 11mbit and horribly insecure.... the 
>>>> newer 11g is 54mbit and theoretically very hard to crack.
>>>>           
>>> Would you like to explain that a bit?
>>>
>>> _______________________________________________
>>> Soekris-tech mailing list
>>> Soekris-tech at lists.soekris.com
>>> http://lists.soekris.com/mailman/listinfo/soekris-tech
>>>       
>>
>> _______________________________________________
>> Soekris-tech mailing list
>> Soekris-tech at lists.soekris.com
>> http://lists.soekris.com/mailman/listinfo/soekris-tech
>>

More information about the Soekris-tech mailing list