Where I work we cannot use a wireless network. I would love to install a wireless router and use my iPAQ. Due to this I am wondering a couple of things.

1) If I had a 802.11b card in my Laptop and one in my iPAQ would it be as open as a regular wireless router? Can it be secure?

2) Is bluetooth a better option? Is it more secure?

From what I have read bluetooth's distance limitation seems to make it a good candidate. I would like to sync wirelessly, check e-mail and look up things on the web, while away from my desk. It would also be great to print to any printer I wanted on the network.

I was hoping that an 802.11b card in the laptop could be set up to only talk to the pda's ip address and not allow any other connection.

I am sorry for the run-on post but I really need to decide if either wireless option will work. I am very new to the wireless arena but familiar with standard networking.

It would seem at this point that bluetooth might be the answer, but the speed of 802.11b would sure be nice. In the end security is a must.

Thanks

Laser :D

Laser,

I would be wary of installing a WiFi network at work, you may be opening up your companies network to a ton of security holes in the process. I would first contact your IT/IRM department and get an official OK, and if possible use other methods to secure you connection than the provided WEP, such as VPN and digital certificates. Also in ad hoc mode (card to card) you will be transmitting at a lower rate than the full (11MB/s) more like 2MB/s which is usually more than enough for internet connection,networking, and fetching email.

With bluetooth products I have used I found that you are limited to the 115kb virtual serial port restrictions set up by the Bluetooth card to get it to work with the PPC. Also you must setup internet sharing on your host computer to get it to see the internet. WiFi just seems to do it.

Also how far away are you planning from being from your desk? Depending on which mode of Bluetooth you are using the maximum range I have found is in a range of 33 feet (10 meters) or more depending on the radio's strength, with WiFi you can get up to 100 meters or more depending on your office buildings structure,interferance, and if you install an antennae on your Access point.

Another option is IR, but it is limited to line of sight.

There are some great posts here and at pocketpcpassion.com and www.cewindows.net on how to set it up and what pitfalls to look out for.

Some other good resources are www.practicallynetworking.com and www.timhiggins.com.

Hope this helps, than confuse you more...

Nothing wireless will be secure. BT is probably "more" secure because the distance is shorter (10m instead of 30m) :) I am really only kidding as you can buy BT adapters that reaches 100m (according to the adversisements though the standard says 100 yards).

I have both at home. My Wi-fi is secured with SSID, 128-bit encryption and only certain, fixed MAC addresses are allowed. This is as secure I can get but even that is not considered completely secure. Bluetooth can be secured by only accepting trusted devices but those could probably be faked.

If you add a Wi-fi card to your laptop and you laptop is connected to the Internet, you are exposing your company's LAN. I disconnect my laptop from the LAN if I connect to my laptop at work using Wi-fi from my hp-568.

Jorgen

Another option you might consider is setting up a wireless network that is external to the corporate LAN, so that users would need to use a VPN client to access the internal network. This way, all connections are as secure as if a user was working from home and it really doesn't matter if the wireless network is compromised. This is what we're doing where I work and I know of several other companies who do the same thing.

I'm not familiar enough with the security limitations of the two protocols to comment on one versus the other, but if a decision has already been made to prohibit wireless networks I doubt either option would suffice. However, certain wireless routers/access points can be configured to limit connections only to a specified list of MAC addresses. Of course then all a determined hacker would have to do is get their hands on someone's wireless LAN card and they'd be in.

>it really doesn't matter if the wireless network is compromised

It certainly would if the wireless computer is compromised at work, because the work computer is inside the firewall: the whole LAN is compromised.

Educated guess: A WLAN at your home might allow a hacker to make a VPN connection via your computer thus getting in behind the firewall. However, this is far less likely to happen (probably unlikely) and your company could not disallow you to set up a WLAN at home.

Jorgen

>it really doesn't matter if the wireless network is compromised

It certainly would if the wireless computer is compromised at work, because the work computer is inside the firewall: the whole LAN is compromised.
That's smashcasi's point: put the 802.11b network outside the firewall and require VPN/IPsec/your secure communications protocol of choice. Your security problem is effectively reduced to the same problem as accessing your network remotely over the public Internet.

Obviously, this is not what laser can do from his desk, however.

Educated guess: A WLAN at your home might allow a hacker to make a VPN connection via your computer thus getting in behind the firewall. However, this is far less likely to happen (probably unlikely) and your company could not disallow you to set up a WLAN at home.
Make that just about impossible if the VPN remote access authentication policy is set up correctly (such as SecureID).

Bluetooth is theoretically much, much more secure as it requires private, symmetric encryption. However, as someone else mentioned, you really need to get this OK'ed with your company's IT people if you don't want to get into trouble. A lot of companies think Bluetooth is still an immature protocol and needs to pass tests.

--janak

Getting away from the technical aspect I'd guess that even if there was a setup that was completely secure, when you say "Can I extend your office network wirelessly?" you'll get a definite "NO!!!". Also if anyone does hack in to the network (wirelessly or otherwise) you're going to be #1 scapegoat.

Not worth the hassle unless someone who's responsible for your office network sets it up and OKs it. You'd be better off trying to persuade them of the benefits of wireless networking than do it yourself.

Fred

I guess I should have explained this better. I actually run our IT department. We are in an industry where there is little to no experience in wireless networking due to the nature of the business and the regulations surrounding it.

We run our LAN / WAN with firewalls and security software. We also are required to have annual audits and penetration tests.

I am just trying to educate myself as I am the one that gets to play with stuff first and then recommend what we roll out enterprise wide.

I understand the pitfalls with Wi-Fi to some degree but not having direct experinece with it I am on the outside of the learning curve.

I appreicate all of the posts here. This is the kind of information I was needing. My office is underground with concrete and steel surronding me. I think this is a suitable environment for limited testing of a wireless solution. I just need to know the pitfalls, up front of each type of wireless networking. Little is said about bluetooth and it's security downfalls. I could read for days on Wi-Fi and still have only scratched the surface.

Again thanks to all who have answered here. I would apprciate further discussion if anyone else has an opinion or knowledge on this subject.

Laser

I guess I should have explained this better. I actually run our IT department. We are in an industry where there is little to no experience in wireless networking due to the nature of the business and the regulations surrounding it.

We run our LAN / WAN with firewalls and security software. We also are required to have annual audits and penetration tests.
Ah, that's a much better explanation of your situation :) I think I would strongly suggest, given the security levels you're working at, not to trust the office structure and location and rather simply place the wireless bridge outside the firewall on your Internet connection, as many others have suggested. IPsec or other secure authentication/tunneling protocols are definitely a notch above WEP. While WEP can be made reasonably secure, it's still a relatively immature technology.

--janak

As others have stated, any wireless technology is subject to security risks. You should assume it to be equivalent to having a rogue computer connected to your Ethernet. That being said, Bluetooth’s security is a bit tighter than Wi-Fi. If you pair the Bluetooth devices at a time and place that you can assure security, then from that point, they will communicate with 128 bit encryption.

We have only just launched www.BluetoothNews.com, so we still need to add lots of content, but we will soon have an article detailing Bluetooth security issues. (Just keep visiting the site. :wink: )

Thank you all for such helpful information. I have much to review and look into. This discussion has been very helpful.

Thanks again.

Laser :)