Wireless LAN resources for Linux

http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Wireless.html

Wireless LANs in use
Jean Tourrilhes
25 July 07

20 Security and Privacy

For higher level of security, I would advise to use a security solution
independent of the wireless link (like IPsec or a regular VPN, see below).
This separation of wireless and security has other advantages, for example
the security solution can be updated independently of the hardware as
needed, and hardware from different vendors can be mixed.

I would still argue that most home users don't really need security beyond
preventing people accidentally joining their network. Most web site that you
will access over wireless and that handle critical information already use
SSL to encrypt those transactions, which is proven to be very secure, and
there exist secure versions of POP or IMAP (still using SSL). Users that
access remote Intranets most often already uses VPN software. So all
critical transactions are often already protected, or easy to protect.

For those who need it, like if you are paranoid, your life depends on it, or
if the wireless link is already behind a firewall, you need to set up a
encrypted tunnel above the wireless link with a VPN protocol. Various VPN
protocols can be used with Linux, such as IPsec, PPTP and SSH (IPsec
considered is the ultimate security solution). You will need to setup a VPN
gateway on the other side of the Access Points and the VPN software on every
wireless device. That's usually complicated to setup, but that's the price
for security.