Broadband-Hamnet™ Forum :: General
Welcome Guest   [Register]  [Login]
 Subject :Securing a MESH network.. 2013-09-18- 21:26:07 
KC9QEA
Member
Joined: 2013-09-12- 12:42:13
Posts: 7
Location

I've started down the path of MESH networking, I'm still in the research phase and have just started to compile a few tidbits of equipment. My biggest concern however is how to secure a Mesh network.

Other than the FCC saying "you can't". What mechanisms are in place to keep "Johnny Highschooler" from doing his own research, installing the firmware, and hacking into a HAM MESH?

I realize that the MESH network is just a bunch of nodes and if one were to provide any type of services over it would require computers with software etc. But what keeps Non-HAMS off of it?


Thanks and 73's

Jess

IP Logged
 Subject :Re:Securing a MESH network.. 2013-09-19- 03:40:52 
VE3RTJ
Member
Joined: 2013-08-19- 07:21:12
Posts: 49
Location: Hamilton, Canada FN03

What keeps non-hams off of it? Nothing, I would think. Securing your mesh network really shouldn't be your biggest concern. Getting it up and doing something useful are big enough tasks to occupy most. I'm new too, and I'm still struggling with those issues.

Secure mesh networks are easy to build using non-ham software; open-wrt, dd-wrt, et al. I've seen some discussion on the legalities of access control, and the 'wish list' on this web site does list some sort of WEP or other access control as a possible future enhacement. Full encryption of the data passing on the network seems to run counter to both US and Canadian law.

Consider that if you're worried about someone seeing the data you're accessing on the mesh, perhaps it shouldn't be there? Amateur related communications are usually about as benign and un-interesting to the average hacker as the nightly news. During emergency operations, when the rules change a bit, perhaps content can be secured from source to destination with VPN solutions.

Personally, I'm confident I can protect the services I connect to my mesh. I do have an internet gateway on one of my nodes, but I can control what gets accessed from the source. I don't worry about the mesh itself being compromised.

As I see it, the only risk is to the ability of the mesh to operate effectively caused by deliberate interference or attacks on the node itself. Nice thing about a mesh is that if that happens, turn off the affected node and the mesh can heal itself around the problem. Yeah, that's an ideal situation but it is a primary goal of the technology.

I tend to think about the security of my nodes like I think about the security of my repeaters; if someone wants to be a 'lid' and mess with 'em, I can always turn them off. And if problems persist, well, that's what 'fox hunting' trains you for, isn't it?

I would really hate to see a situation arise, even out of defensive necessity, where a guest ham would have to jump through hoops, apply to 4 people, be approved by 6, and post a bond in order to join a mesh and look up the local repeater frequencies. I think that violates the basic ethics of amateur radio operating.

I don't know, perhaps a 'don't worry, be happy' attitude is a bit naive, but those are my thoughts. I'm always ready to learn.

 

 

IP Logged
73 de Ron P. email: (callsign) *at* gmail.com
Page # 


Powered by ccBoard


SPONSORED AD: