Create a secure Linux-based wireless access point

By: Manolis Tzanidakis

Wi-Fi Protected Access version 2 (WPA2) is becoming the de facto standard for securing wireless networks, and a mandatory feature for all new Wi-Fi products certified by the Wi-Fi Alliance. We all know the security weaknesses of its predecessor, WEP; this time they got it right. Here’s how to implement the WPA2 protocol on a Linux host and create a secure wireless access point (WAP) for your network.

Most consumer-grade commercial WAPs operate in the same simple manner: they create a bridge between a wired (Ethernet) network interface and a wireless one. That’s exactly what we’ll do too. The WAP part will be handled by the hostapd daemon, so you must pick a wireless interface it supports. Among the supported NICs are those with Prism 2/2.5/3, Atheros ar521x, and Prism GT/Duette/Indigo chipsets; a list is available on the hostapd homepage, along with links for Linux drivers for each chipset. I have an Atheros AR5212-based PCI card installed on my WAP, which works great with the latest stable version of MADWifi drivers and is supported by hostapd. Although any Pentium (or newer) system will work, some PCI wireless cards require PCI 2.2 to operate, so make sure to check your system’s motherboard specifications before buying. You will also need an Ethernet interface that’s supported by Linux for connecting your WAP to the LAN; most on-board interfaces will work just fine.Read more at


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s