Archived from groups: alt.internet.wireless (
More info?)
On Sat, 28 Aug 2004 23:12:57 -0700, WJ spoketh
>I've read WEP is good, and WEP is not good. What are the knocks against
>WEP?
>
>I just got a wireless router. My options are Pre-Shared Key, PSK Radius,
>Radius, and WEP.
>What do you recommend?
>
>
Well, unless it does say WPA somewhere, those are all WEP options. It's
a little odd to have PSK and WEP listed separately unless one if WPA and
one is WEP. Is there a help screen available on your wireless access
point/router??
WEP is bad because it's relatively easy to crack the encryption to get
the encryption key. Since there's no dynamic key negotiation (like with
WPA), it uses the same key you entered into the equipment for all
encryption until you manually change the key. It has been said that all
that is needed is about 1 hour (assuming enough network traffic) to
crack the WEP keys.
WPA-TKIP uses a dynamic key exchange to negotiate new keys with all the
clients. It is still the same encryption method (WEP), but the keys are
renegotiated by the access point and the clients, making it more
difficult to sniff out the keys. Renewal time should be somewhere
between 300 and 1800 seconds (5 minutes and 30 minutes), default is
usually 600 (10 minutes). Some vendors also provides support for a
different encryption called AES. If this is available to you, this is
the best option currently available. It's a much more robust encryption,
takes a little more power to do, but it's worth it.
Any option with Radius is for using a Radius server to authenticate the
connection. This is a very effective method of keeping people out, but
it's not really an option of the vast majority of home users..
Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)