BAM Requirement for Security

I’m sure Canopy Support is very adept at telling people like me off, but here goes anyway.

So I did some research about expanding my WISP operation to include 900 MHz for some of those hard-to-reach areas. My research tells me that Canopy is the way to go. I check pricing, and find that it is a bit pricy, but doable. I put in my trial order and get an AP cluster and 10 clients. Cool.

I set up the AP cluster, configure the radios, upgrade 'em to 7.2, etc. etc. Cool.

I set up a client and point it at the tower, and it easily gets a signal and I am up and running. Cool.

Hmmm, wait a minute. I don’t recall telling the AP that it was ok for this client to connect. But it connected without a problem. Not cool.

So I skim the 452 page manual to figure out how to limit access to the AP. The only blurb I can find is some cursory mention of something called BAM. Well, a quick web search brings me to BAM. A Linux-based authentication and management tool for Canopy. Ok, that’s kinda cool…where do I download it? Hmm, click here to purchase. WTF. Purchase? Holy crap $1000 just for the server. And then even more $ if I want it to actually do anything.

I am livid. I went with Canopy for ease of installation and comparable pricing. Now I find the hidden costs and a major administration nightmare.
Here are my beefs:

1) No AP filtering. Even the cheapest $90 wireless APs provide a way to manually filter clients.

2) Linux application. Um, you just took all notion of ease of installation and threw it out the window. Installing Linux is akin to removing your kidney by hand compared to other OS’s. I signed up to be a WISP, not a Unix administrator.

3) Cost. The APs are pricy, and the clients aren’t free either. And now I am told that if I don’t want to provide free internet to every 14 year old with a credit card I have to PAY to secure my AP. What a scam. BAM should come with the AP.

What are my alternatives to just sending this crap back and writing off my time spent on it?

>1) No AP filtering. Even the cheapest $90 wireless APs
> provide a way to manually filter clients.

Yes, this is an issue. However, Canopy is not intended for 2-5 computers the way that most 802.11 units are. I do not want to sacrifice performance for filtering capability. Mot offers network colouring and private crypt-keying, which should solve most of the security issue.

BAM is the answer to this, and yes with the price of the hardware it seems excessive to me. More to the point, I’d pay $200 more for it just to be rid of that POS license manager.

>2) Linux application. Um, you just took all notion of ease of
>installation and threw it out the window. Installing Linux is
>akin to removing your kidney by hand compared to other
>OS’s. I signed up to be a WISP, not a Unix administrator.

Here is where you go very, very wrong. Linux is easy to install these days, offers reasonable security and is simple to administrate. *dows is impossible to administrate, there are just people who have fooled themselves into thinking you can, and licensing costs can be horrendous. Obviously I think your opinion here is wrong, but I will say that I hate RedHat’s distribution with a passion. Motorola needs to do with BAM what they did with CNUT: make it dead simple to install on any system with the required software.

Did I mention I hate RedHat’s Linux distribution?

> What a scam. BAM should come with the AP.

Yes. It should. And it should come on a CD with a Linux distribution… or come with an installer that is distribution-agnostic so that those of us with existing servers don’t have to gnaw our nails to the quick over how the time required to rebuild and manage the things using RedHat’s nasty planned-obsolescence Linux distribution is going to cut into our other projects.

But I digress.

Buy BAM or don’t. Secure your SMs, colour your network, use your own crypt key and encrypt your broadcasts, or don’t. Up to you.

Shaman666 wrote:
> Here is where you go very, very wrong. Linux is easy to install these days, offers reasonable security and is simple to administrate. *dows is impossible to administrate, there are just people who have fooled themselves into thinking you can, and licensing costs can be horrendous. Obviously I think your opinion here is wrong, but I will say that I hate RedHat's distribution with a passion. Motorola needs to do with BAM what they did with CNUT: make it dead simple to install on any system with the required software.
>
> Did I mention I hate RedHat's Linux distribution?


Thank you for your reply. Don't want this to become a Unix v. Windows thread, but I need to throw my 2 cents in.

The only thing simpler than managing Windows is making breakfast in the microwave. I am one person and I manage 60 Windows servers across 10 states and 18 locations. I am bored much of the time. I spend most of my time managing the 2 Linux boxes that we have here for point applications. Linux is where Windows was about 10 years ago. They are getting better, but they have a long way to go yet. When they get to Next Next Finish...then I will be a believer. :)

Couple questions actually related to this thread:
Where do I find on the AP where to set my DES key? I see it on the SMs, but there just seems to be a "Use encryption or don't" button on the AP.

Is color coding an effective method of security? Can't my 14 year old friend just try different colors?

Since you’ve made it one, allow me to retort. Managing Windows effectively means locking machines down manually so hard and firewalling them so deep that it would take an Act Of God to cause major harm from the user point of view. I run an IT shop here as well and the horror that is Windows in the real world keeps us rolling in greenbacks… so I can’t hate it, as much as I hate it. :) And I’ll certainly never deploy it on a public network purposely.

The Linux systems, on the other hand, put only what you want on them, fire them up and put them on the Internet. Update them once a week automagically or by hand (your choice). Done!

Shaman666 wrote:
> Since you've made it one, allow me to retort. Managing Windows effectively means locking machines down manually so hard and firewalling them so deep that it would take an Act Of God to cause major harm from the user point of view. I run an IT shop here as well and the horror that is Windows in the real world keeps us rolling in greenbacks... so I can't hate it, as much as I hate it. :) And I'll certainly never deploy it on a public network purposely.
>
> The Linux systems, on the other hand, put only what you want on them, fire them up and put them on the Internet. Update them once a week automagically or by hand (your choice). Done!


Windows XP install time with Free Spyware, Firewall, Automatic Updates and no problems for the life of the PC...next next finish: 2 hours

Linux install time with no spyware protection, no firewall, and a broken automatic update system (unless you use the command line ones and cron)...all this with the need to rebuild your kernel, modify make files, and recompile every piece of software released for it: 8 hours plus very little robust software support.


See, you Linux zealots use the same arguments that Mac guys have been using for years:

1) "We are more secure."
No, you have less than 4% of the market share, so you are not a target. There is no interest in hacking into your Linux box because there is nothing of value there. Back when Unix was the main server platform for business applications, it was readily hacked. I myself had over 200 root accounts from Unix boxes across the world. And I was only a college kid pre-web days, pre-script kiddy days.

2) "We are easier to manage"
Well, this is subjective, but I could not disagree more. The second I have to open a terminal window or an editor to modify a make file to recompile anything on Unix I have just crossed the line of manageability. You may have all the time in the world to scour the internet for the right compile sequence to make your software run on that exact release of the kernel...but I don't. I run setup.exe, click next, next, finish. Software installed.

Perhaps you are basing your assumptions on NT4 or something older. Windows 2000 was easier, XP and 2003 are braindead easy to manage and I would argue just as stable as any stripped down linux box.

3) "We have a better OS."
And Beta was better than VHS too. It doesn't matter.

4) "Linux is more stable."
So is DOS. For Linux to be stable, you can't run the GUI...so you are not comparing apples to apples.


Security by obscurity is not an effective method of security, but one the Linux community loves to embrace.

This thread needs to get locked.

Take this fight to Slashdot boys, it does not belong here.

One last post then: dude, you are clueless about Linux. I’ve done a full Linux install with RAID in 12 minutes before, and had an up-to-the-hour updated, customized and deployable system in under 25 - and that’s from a standard distribution CD, not one of my killer 5-minute bootable system discs that I keep current once a quarter. My track record so far: over 20 Linux systems directly connected to the Internet since 1996 - 0 break-ins, no firewalls.

So don’t claim you know anything about Linux. You don’t. Full stop.

End of thread.

People you are both right and you are both wrong…

Shaman, he wants to know if he can secure his wireless network. Jack, you need to drop the whining about not being able to admin a *nix box.

The question in this thread was "How can I secure my Canopy network."

Shall we try to manage that question, please? I’m interested in the answer as well.

Thanks
-m-

Micers, not saying I can’t admin a *nix box. I’ve admin’d them since '91. Just saying that it’s a pain in the CPU to do it vs. Windows.

Shaman, 12 minutes with RAID? lol. Unless your RAID was 10Mb, you can’t even initialize the RAID in that amount of time. Linux has a place, I don’t disagree. I use Monowall, and it’s great for that purpose. But there is no admin…put in the CD and it works. What I am talking about is having to install a specific version of Redhat with specific updates, do all the crap related to that, and THEN put their software on it and make it work. Pull that off in 25 minutes and I will lick your shoes.

If Motorola insists on using Linux, then they should do it like Monowall or ClarkConnect and make it a full distribution. There’s only 1 Windows. There are 482 Linuxes.

Shaman666 wrote:
> dude, you are clueless about Linux.


Heh, first rule of arguing: When you have no point, attack the other person's intelligence.


> My track record so far: over 20 Linux systems directly connected to the Internet since 1996 - 0 break-ins, no firewalls.


30-70 NT4-Windows2003 systems directly connected to the internet since 1995. 0 Breakins and 0 virii.

These numbers really have very little to do with the OS, but rather how good of administrators we are. Good Job.

> So don't claim you know anything about Linux. You don't. Full stop.
> End of thread.


Which version of which build of which source of which year of which language of which....

Nah, micers is right (if more than a little righteous). Time to stop the bus and step off.

Someone needs to take the time to reverse engineer BAM then offer it as an open-source project.

Hey maybe we can get Andrew Tridgell interested in Canopy.