Colin Günther wrote: > Yes, you could use some higher layer security mechanism to protect > your data transmission, at least. Still it would be possible for your > neighborhood to hijack your wifi connection and surf on your cost and > on your identity. Authentication gateway should deal with that and make the connection unique to specific users. IPsec might give a unique identifier. What kind of packet filter does Haiku use? Are there any notes or documentation online? Colin Günther wrote: > And IIRC those methods were introduced, due to the debacle with WEP > security. Which was rendered as being unsecure rather quickly after > its introduction. Which is why WPA/WPA2 were invented. Both ranked > high on my todo list :) They rank high on other people's lists, too. But maybe not on any list it is good to be on. ;) WPA / WPA2: http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-speed/ http://www.smallnetbuilder.com/content/view/30278/98/ http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf We could take a message from Kerberos and just work around the fact that the transmission medium is probably compromised and just assume it is 100% compromised. The first link talks about unfortunate boondoggles called VPNs, but IPSec and SSL VPNs are the secure options. So, just a guess, the same security might be achieved by using IPsec by itself, presumably with IPv6. Just a stab in the dark. /Lars