Sign in with
Sign up | Sign in
Your question

WPA or WEP-128bit for Home Wireless?

Last response: in Wireless Networking
Share
June 30, 2004 12:10:49 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi,

I just setup a home wireless network using NetGear WGR614
wireless router and WGB511 PCMCIA card on XP Pro. My
question is should I take the extra leap and implement WAP
Security or would a WEP-128bit security be more than
sufficient for a home environment?

The answer carries a lot of signifance for my decision
because the WGB511 card that I got would not let me
upgrade to a new version of the driver that has WAP
support. And if the recommendation that I go for WAP
security for a home wireless network, I should think about
going for a different card.

Also, if I have to go for WAP security, do I still need to
install the Microsoft WAP Security Update KB#815485
(http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
3B815485) ?
Anonymous
a b F Wireless
a b 8 Security
June 30, 2004 3:05:19 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

I would implement WPA. Its more secure than WEP...See this article by Barb Bowman, MS-MVP...

http://www.microsoft.com/WindowsXP/expertzone/columns/b...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

"DRK" <anonymous@discussions.microsoft.com> wrote in message
news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> Hi,
>
> I just setup a home wireless network using NetGear WGR614
> wireless router and WGB511 PCMCIA card on XP Pro. My
> question is should I take the extra leap and implement WAP
> Security or would a WEP-128bit security be more than
> sufficient for a home environment?
>
> The answer carries a lot of signifance for my decision
> because the WGB511 card that I got would not let me
> upgrade to a new version of the driver that has WAP
> support. And if the recommendation that I go for WAP
> security for a home wireless network, I should think about
> going for a different card.
>
> Also, if I have to go for WAP security, do I still need to
> install the Microsoft WAP Security Update KB#815485
> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
> 3B815485) ?


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.713 / Virus Database: 469 - Release Date: 6/30/2004
June 30, 2004 3:05:20 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Al:

Thanks for your response. I understand that WPA is much
more secure than WEP...but my concern is that it should
NOT be a over-kill on the HOME wireless network. In other
words, if the WEP-128bit is more than sufficient for an
home wireless I'm willing to stick to that, else I'm
willing to take a leap (only if it is absoultely
necessary!)

Thanks,
- Ram

>-----Original Message-----
>I would implement WPA. Its more secure than WEP...See
this article by Barb Bowman, MS-MVP...
>
>http://www.microsoft.com/WindowsXP/expertzone/columns/b...
an/03july28.asp
>
>--
> Al Jarvi (MS-MVP Windows Networking)
>
>Please post *ALL* questions and replies to the news group
for the mutual benefit of all of us...
>The MS-MVP Program - http://mvp.support.microsoft.com
>This posting is provided "AS IS" with no warranties, and
confers no rights...
>
>"DRK" <anonymous@discussions.microsoft.com> wrote in
message
>news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
>> Hi,
>>
>> I just setup a home wireless network using NetGear
WGR614
>> wireless router and WGB511 PCMCIA card on XP Pro. My
>> question is should I take the extra leap and implement
WAP
>> Security or would a WEP-128bit security be more than
>> sufficient for a home environment?
>>
>> The answer carries a lot of signifance for my decision
>> because the WGB511 card that I got would not let me
>> upgrade to a new version of the driver that has WAP
>> support. And if the recommendation that I go for WAP
>> security for a home wireless network, I should think
about
>> going for a different card.
>>
>> Also, if I have to go for WAP security, do I still need
to
>> install the Microsoft WAP Security Update KB#815485
>> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-
us%
>> 3B815485) ?
>
>
>---
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.713 / Virus Database: 469 - Release Date:
6/30/2004
>
>.
>
Related resources
Anonymous
a b F Wireless
a b 8 Security
June 30, 2004 3:37:26 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

I don't think its overkill at all. I run WPA-PSK on my home LAN...with a VERY long random key...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

"DRK" <anonymous@discussions.microsoft.com> wrote in message
news:23d0401c45ebd$359bf660$a501280a@phx.gbl...
> Al:
>
> Thanks for your response. I understand that WPA is much
> more secure than WEP...but my concern is that it should
> NOT be a over-kill on the HOME wireless network. In other
> words, if the WEP-128bit is more than sufficient for an
> home wireless I'm willing to stick to that, else I'm
> willing to take a leap (only if it is absoultely
> necessary!)
>
> Thanks,
> - Ram
>
>>-----Original Message-----
>>I would implement WPA. Its more secure than WEP...See
> this article by Barb Bowman, MS-MVP...
>>
>>http://www.microsoft.com/WindowsXP/expertzone/columns/b...
> an/03july28.asp
>>
>>--
>> Al Jarvi (MS-MVP Windows Networking)
>>
>>Please post *ALL* questions and replies to the news group
> for the mutual benefit of all of us...
>>The MS-MVP Program - http://mvp.support.microsoft.com
>>This posting is provided "AS IS" with no warranties, and
> confers no rights...
>>
>>"DRK" <anonymous@discussions.microsoft.com> wrote in
> message
>>news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
>>> Hi,
>>>
>>> I just setup a home wireless network using NetGear
> WGR614
>>> wireless router and WGB511 PCMCIA card on XP Pro. My
>>> question is should I take the extra leap and implement
> WAP
>>> Security or would a WEP-128bit security be more than
>>> sufficient for a home environment?
>>>
>>> The answer carries a lot of signifance for my decision
>>> because the WGB511 card that I got would not let me
>>> upgrade to a new version of the driver that has WAP
>>> support. And if the recommendation that I go for WAP
>>> security for a home wireless network, I should think
> about
>>> going for a different card.
>>>
>>> Also, if I have to go for WAP security, do I still need
> to
>>> install the Microsoft WAP Security Update KB#815485
>>> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-
> us%
>>> 3B815485) ?
>>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.713 / Virus Database: 469 - Release Date: 6/30/2004
Anonymous
a b F Wireless
a b 8 Security
June 30, 2004 9:25:30 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Whether you use WGB511 or WG511 you are prone to have problems with WEP
security. Have a look at
"Netgear WG614v3 problems" submitted June 19th 2004 17:18 to this Newsgroup.


"DRK" <anonymous@discussions.microsoft.com> skrev i en meddelelse
news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> Hi,
>
> I just setup a home wireless network using NetGear WGR614
> wireless router and WGB511 PCMCIA card on XP Pro. My
> question is should I take the extra leap and implement WAP
> Security or would a WEP-128bit security be more than
> sufficient for a home environment?
>
> The answer carries a lot of signifance for my decision
> because the WGB511 card that I got would not let me
> upgrade to a new version of the driver that has WAP
> support. And if the recommendation that I go for WAP
> security for a home wireless network, I should think about
> going for a different card.
>
> Also, if I have to go for WAP security, do I still need to
> install the Microsoft WAP Security Update KB#815485
> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
> 3B815485) ?
June 30, 2004 9:25:31 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Andersen:

Thanks for your response. I'm using WG614v4 router and yet
to test it for its connection stability... read some
reviews that the intermittent drop has been resolved in
WG614v4 upwards... just keeping my fingers crossed.

Also, I could not find any posting about WEP security
issues in the article you has mentioned... it only talks
about WPA based security

Thanks,
- DRK
>-----Original Message-----
>Whether you use WGB511 or WG511 you are prone to have
problems with WEP
>security. Have a look at
>"Netgear WG614v3 problems" submitted June 19th 2004 17:18
to this Newsgroup.
>
>
>"DRK" <anonymous@discussions.microsoft.com> skrev i en
meddelelse
>news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
>> Hi,
>>
>> I just setup a home wireless network using NetGear
WGR614
>> wireless router and WGB511 PCMCIA card on XP Pro. My
>> question is should I take the extra leap and implement
WAP
>> Security or would a WEP-128bit security be more than
>> sufficient for a home environment?
>>
>> The answer carries a lot of signifance for my decision
>> because the WGB511 card that I got would not let me
>> upgrade to a new version of the driver that has WAP
>> support. And if the recommendation that I go for WAP
>> security for a home wireless network, I should think
about
>> going for a different card.
>>
>> Also, if I have to go for WAP security, do I still need
to
>> install the Microsoft WAP Security Update KB#815485
>> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-
us%
>> 3B815485) ?
>
>
>.
>
Anonymous
a b F Wireless
a b 8 Security
June 30, 2004 9:28:21 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Sorry, problems with WPA security. No problems with WEP.

"K.S.Andersen" <ksaATosDOTdk> skrev i en meddelelse
news:eGfE4ZrXEHA.3888@TK2MSFTNGP10.phx.gbl...
> Whether you use WGB511 or WG511 you are prone to have problems with WEP
> security. Have a look at
> "Netgear WG614v3 problems" submitted June 19th 2004 17:18 to this
Newsgroup.
>
>
> "DRK" <anonymous@discussions.microsoft.com> skrev i en meddelelse
> news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> > Hi,
> >
> > I just setup a home wireless network using NetGear WGR614
> > wireless router and WGB511 PCMCIA card on XP Pro. My
> > question is should I take the extra leap and implement WAP
> > Security or would a WEP-128bit security be more than
> > sufficient for a home environment?
> >
> > The answer carries a lot of signifance for my decision
> > because the WGB511 card that I got would not let me
> > upgrade to a new version of the driver that has WAP
> > support. And if the recommendation that I go for WAP
> > security for a home wireless network, I should think about
> > going for a different card.
> >
> > Also, if I have to go for WAP security, do I still need to
> > install the Microsoft WAP Security Update KB#815485
> > (http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
> > 3B815485) ?
>
>
Anonymous
a b F Wireless
a b 8 Security
July 1, 2004 1:28:24 AM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

For your home - WEP with 128-bit encryption. Also, restrict access by
enabling access via a list of MAC addresses that you supply. For giggles
you coud also disable your SSID broadcast. I've got a couple of 11MB
clients that I can't get support for WPA either.

"DRK" <anonymous@discussions.microsoft.com> wrote in message
news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> Hi,
>
> I just setup a home wireless network using NetGear WGR614
> wireless router and WGB511 PCMCIA card on XP Pro. My
> question is should I take the extra leap and implement WAP
> Security or would a WEP-128bit security be more than
> sufficient for a home environment?
>
> The answer carries a lot of signifance for my decision
> because the WGB511 card that I got would not let me
> upgrade to a new version of the driver that has WAP
> support. And if the recommendation that I go for WAP
> security for a home wireless network, I should think about
> going for a different card.
>
> Also, if I have to go for WAP security, do I still need to
> install the Microsoft WAP Security Update KB#815485
> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
> 3B815485) ?
Anonymous
a b F Wireless
a b 8 Security
July 1, 2004 3:39:17 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

It seems there is very little "authoritative" information on the web
regarding the strength of WEP and WPA, except to say WPA is better than 128
WEP is better than 40 WEP.

First, recognize that no security is absolute. Professionals note that
security is inversely proportional to usability - the more secure, the
harder is for the user to use. The security for every situation is
different. What you need to consider is the cost the intruder will have to
incur vs. the benefit they will receive by cracking your system.

Second, most of the discussions regarding the "insecurity" of WEP seem to
focus on the algorithm that turns the pass phrase into an encryption key.
Apparently the algorithm did not produce unique keys, but provided some
subset of keys from the total available keys. This makes searching for the
correct key by trial and error quicker. (Recall when you may have forgotten
the combination to a 3 or 4 digit bike lock of the type with the rotating
cylinders for each number - with sufficient patience you could work through
all combinations until you found the one that opened the lock. Consider how
much easier that was if you already knew one or two of the numbers.)

It is not necessary to use a pass phrase to generate your key. That was a
convenience to make it easer for the user (remember the inverse rule above
;-). Instead, you can generate your own random key (using dice or pulling
the numbers out of a hat) and enter it directly. Just be sure that you use
all 16 of the hexadecimal values. { 0 1 2 3 4 5 6 7 8 9 A B C D E F }

Finally, consider your own circumstances. If you are in a suburban or rural
area, any intruder that wants to crack your wireless network is probably
going to have to sit in a car out in front of your house to be close enough
to access it. I have seen claims that 128 bit WEP with a truly random key
still requires about 20 weeks to crack. A war driver that wants an
anonymous connection for illegal purposes probably won't think the anonymous
access will be very valuable if they risk being spotted in front of your
house to get it. And someone that is looking for your personal information
will find it easier to break into your house and turn your computer on.

Conversely, if you live in an apartment building and you have no idea who
your neighbors are, you probably want to avoid wireless altogether. Even
WPA will not stand up to a sustained attack if the cost to the attacker is
in line with the benefits they could receive.

Most home and SOHO applications fall somewhere in between the two extremes
above. Also the value of any data in home computers is generally pretty
trivial, easier to get by other means, and already has protections against
misuse. (If your home business doesn't fit this general characterization,
I'm sure you already know why AND you have more sophisticated physical
protections as well.)

I guess another way to put it is if you feel comfortable with standard locks
and deadbolts on your doors and don't have a 24 hour monitored alarm system,
you should be equally comfortable using 128 bit WEP with a random key. If
you want to up your odds, then use a restricted MAC access list as well.

Dave M




"DRK" <anonymous@discussions.microsoft.com> wrote in message
news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> Hi,
>
> I just setup a home wireless network using NetGear WGR614
> wireless router and WGB511 PCMCIA card on XP Pro. My
> question is should I take the extra leap and implement WAP
> Security or would a WEP-128bit security be more than
> sufficient for a home environment?
>
> The answer carries a lot of signifance for my decision
> because the WGB511 card that I got would not let me
> upgrade to a new version of the driver that has WAP
> support. And if the recommendation that I go for WAP
> security for a home wireless network, I should think about
> going for a different card.
>
> Also, if I have to go for WAP security, do I still need to
> install the Microsoft WAP Security Update KB#815485
> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
> 3B815485) ?
Anonymous
a b F Wireless
a b 8 Security
July 1, 2004 3:54:03 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

DRK wrote:
> Al:
>
> Thanks for your response. I understand that WPA is much
> more secure than WEP...but my concern is that it should
> NOT be a over-kill on the HOME wireless network. In other
> words, if the WEP-128bit is more than sufficient for an
> home wireless I'm willing to stick to that, else I'm
> willing to take a leap (only if it is absoultely
> necessary!)
[..]

Hello,
why do you think security is overkill? You should consider the
consequences of one of your neighbours using your internet connection.
First of all there is the costs, if you have a real flat-rate then that
would not be a "real" problem, you couls let them use your connection.
But you should never forget, that it is possible to break into your WEP
secured network and use your internet connection for commiting crimes.
And it is up to you to prove that your account has been misused when the
police found out that your account was the origin of a hacker attack or
illegal filesharing activity or something like this.

I would never claim, that wpa is overkill. I use it and it was quite
difficult to make all client work, but now it works and I can sleep very
well again.

And: Never forget to turn off your router when you do not use it. You do
not need it if you are not at home. So this is the best protection
against hackers, as long as it is turned off?

Sebastian
Anonymous
a b F Wireless
a b 8 Security
July 6, 2004 8:27:23 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi.

The differences between WEP and WPA are not the level of "bits' Encryption".

It is an issue of how the encryption key is generated and frequent changes
to the key.

May be this can Help: http://www.ezlan.net/Wireless_Security.html

Jack (MVP-Networking).



"DRK" <anonymous@discussions.microsoft.com> wrote in message
news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> Hi,
>
> I just setup a home wireless network using NetGear WGR614
> wireless router and WGB511 PCMCIA card on XP Pro. My
> question is should I take the extra leap and implement WAP
> Security or would a WEP-128bit security be more than
> sufficient for a home environment?
>
> The answer carries a lot of signifance for my decision
> because the WGB511 card that I got would not let me
> upgrade to a new version of the driver that has WAP
> support. And if the recommendation that I go for WAP
> security for a home wireless network, I should think about
> going for a different card.
>
> Also, if I have to go for WAP security, do I still need to
> install the Microsoft WAP Security Update KB#815485
> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
> 3B815485) ?
Anonymous
a b F Wireless
a b 8 Security
July 7, 2004 3:23:52 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Thanks for the link, I was interested to note that it made many of the same
recommendations I did.

I understand the difference between WEP and WPA. I have studied encryption
algorithms and have programmed implementations of DES and 3DES.

I agree that the issues is how the encryption key is generated, and my post
described an alternative to the buggy passphrase conversion algorithm
included in WEP implementations.

I still stand by my position that 128 bit WEP is adequate for most home and
home office installations.

The point I wanted to make for the original writer was to point out that the
additional cost in time and money to get a new card that will work with WAP,
since they already have one that will work with WEP, is probably not worth
the additional security of WAP, since they most likely don't need it. But
that is a judgment they will have to make for themselves, considering their
unique situation.

I don't know who said if first, but "In technology, just because you can do
it doesn't mean you should do it."

Regards,
Dave.

"Cat" <cat5e@mail.com> wrote in message
news:ed8AVc5YEHA.1000@TK2MSFTNGP12.phx.gbl...
> Hi.
>
> The differences between WEP and WPA are not the level of "bits'
Encryption".
>
> It is an issue of how the encryption key is generated and frequent
changes
> to the key.
>
> May be this can Help: http://www.ezlan.net/Wireless_Security.html
>
> Jack (MVP-Networking).
>
>
>
> "DRK" <anonymous@discussions.microsoft.com> wrote in message
> news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> > Hi,
> >
> > I just setup a home wireless network using NetGear WGR614
> > wireless router and WGB511 PCMCIA card on XP Pro. My
> > question is should I take the extra leap and implement WAP
> > Security or would a WEP-128bit security be more than
> > sufficient for a home environment?
> >
> > The answer carries a lot of signifance for my decision
> > because the WGB511 card that I got would not let me
> > upgrade to a new version of the driver that has WAP
> > support. And if the recommendation that I go for WAP
> > security for a home wireless network, I should think about
> > going for a different card.
> >
> > Also, if I have to go for WAP security, do I still need to
> > install the Microsoft WAP Security Update KB#815485
> > (http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
> > 3B815485) ?
>
>
Anonymous
a b F Wireless
a b 8 Security
July 9, 2004 4:55:17 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

A lot of freely downloadable tools permit you to crack WEP easily and
quickly. Doubt it download a copy Linux STD distribution and boot up a
wireless equipped laptop. Bring up kismet and have fun. If you are NOT
using WPA with a good pasphrase you are toast the question is who is driving
by with the toaster and when.

From the AZrepublic articel on increase identity theft ->

"Phoenix police respond increasingly to wireless fraud crimes, Weiss said.
Thieves travel in pairs through affluent Valley neighborhoods, armed with a
laptop and modem.

The passenger then uses the improvised modem, which is often soldered into a
coffee can, to tap into Internet service providers in home computers.

"A lot of our criminals are more sophisticated than we've seen before,"
Weiss said. "They'll be able to get a signal in their car as long as your
modem is on. It doesn't matter if you're using the computer at the time. If
the computer is on and connected, they can sign on using your Internet
service provider address."

Simply switching off home computers when they are not in use can save
consumers thousands of dollars, Weiss said."



Full Article -> http://www.azcentral.com/news/articles/0708idtheft08.ht...
!