Sign in with
Sign up | Sign in
Your question

Is WEP the most secure encryption in wireless network secu..

Last response: in Wireless Networking
Share
Anonymous
a b 8 Security
September 27, 2005 5:00:41 PM

Archived from groups: (More info?)

In terms of wireless network security, is WEP encryption the
most secure choice?

I am the home user, and have multiple machines connect to
the wireless router inside the house. I worry about the
wireless security and people can hack the machines.

There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
I chose WEP 128 bits but not sure if this is the most
secure choice.

Any other suggestions to make the wireless network more secury?

Please advise. thanks!!
Anonymous
a b 8 Security
September 27, 2005 7:15:04 PM

Archived from groups: (More info?)

strutsng@gmail.com wrote:

>In terms of wireless network security, is WEP encryption the
>most secure choice?
>
>I am the home user, and have multiple machines connect to
>the wireless router inside the house. I worry about the
>wireless security and people can hack the machines.
>
>There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
>I chose WEP 128 bits but not sure if this is the most
>secure choice.
>
>Any other suggestions to make the wireless network more secury?
>
>Please advise. thanks!!
>
>
>
WEP is flawed. Anyone with the proper tools and time can break it.

WPA is considered very secure if you use a good passphrase. Either TKIP
or AES (WPA2).
Anonymous
a b 8 Security
September 28, 2005 12:46:20 AM

Archived from groups: (More info?)

strutsng@gmail.com writes:

>In terms of wireless network security, is WEP encryption the
>most secure choice?

No, it is not WPA is more secure. WEP is breakable with sufficient captured
traffic.

>I am the home user, and have multiple machines connect to
>the wireless router inside the house. I worry about the
>wireless security and people can hack the machines.

Yes, they can.
Make your essid hidden, so that the outsider has to try to figure out
what your essid is to connect. Then make sure you have some encryption
configured. If you are worried, make sure that the key is changed
periodically.

>There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
>I chose WEP 128 bits but not sure if this is the most
>secure choice.

>Any other suggestions to make the wireless network more secury?

>Please advise. thanks!!
Related resources
Anonymous
a b 8 Security
September 28, 2005 1:35:06 AM

Archived from groups: (More info?)

Jeffrey Goldberg wrote:
> strutsng@gmail.com wrote:
> > In terms of wireless network security, is WEP encryption the
> > most secure choice?
>
> There is a very serious flaw in WEP which allows it to be cracked fairly
> easily. If you have a choice between WEP and WPA go with WPA.
>

I am using linksys wireless router, and it doesn't support WPA, it has
WEP.
any ideas??
Anonymous
a b 8 Security
September 28, 2005 1:55:17 AM

Archived from groups: (More info?)

> Make your essid hidden, so that the outsider has to try to figure out
> what your essid is to connect. Then make sure you have some encryption
> configured. If you are worried, make sure that the key is changed
> periodically.

No point in hiding the SSID if it's intentional intruders that are a
worry, they'll just run Kismet and immediately find it.

Similarly, WEP is equally pointless for deterring intentional intruders.
Anonymous
a b 8 Security
September 28, 2005 2:12:56 AM

Archived from groups: (More info?)

strutsng@gmail.com wrote:

> In terms of wireless network security, is WEP encryption the
> most secure choice?
>
> I am the home user, and have multiple machines connect to
> the wireless router inside the house. I worry about the
> wireless security and people can hack the machines.
>
> There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
> I chose WEP 128 bits but not sure if this is the most
> secure choice.
>
> Any other suggestions to make the wireless network more secury?

WEP will only stop casual intruders. With sufficient data, it can be
broken. WPA is more secure, however you may also want to use a VPN.
Anonymous
a b 8 Security
September 28, 2005 3:14:09 AM

Archived from groups: (More info?)

strutsng@gmail.com wrote:
> In terms of wireless network security, is WEP encryption the
> most secure choice?

There is a very serious flaw in WEP which allows it to be cracked fairly
easily. If you have a choice between WEP and WPA go with WPA.

> I am the home user, and have multiple machines connect to
> the wireless router inside the house. I worry about the
> wireless security and people can hack the machines.

Thank you. You would be surprised at how many home users are
unconcerned about this sort of thing.

> There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
> I chose WEP 128 bits but not sure if this is the most
> secure choice.

If PSK is shorthand for WPA-PSK (which it probably is) than that is the
best choice.

-j
September 28, 2005 3:59:54 AM

Archived from groups: (More info?)

On Tue, 27 Sep 2005 13:00:41 -0700, strutsng wrote:

> In terms of wireless network security, is WEP encryption the
> most secure choice?
>
> I am the home user, and have multiple machines connect to
> the wireless router inside the house. I worry about the
> wireless security and people can hack the machines.
>
> There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
> I chose WEP 128 bits but not sure if this is the most
> secure choice.
>
> Any other suggestions to make the wireless network more secury?
>
> Please advise. thanks!!

WEP isn't recommended but it's better than no encryption. It would be best
to use WPA or WPA2 encryption instead.
Anonymous
a b 8 Security
September 28, 2005 7:38:35 AM

Archived from groups: (More info?)

"James Knott" <james.knott@rogers.com> wrote in message
news:4aKdnUewnua1YaTenZ2dnUVZ_sudnZ2d@rogers.com...
> strutsng@gmail.com wrote:
>
>> In terms of wireless network security, is WEP encryption the
>> most secure choice?
>>
>> I am the home user, and have multiple machines connect to
>> the wireless router inside the house. I worry about the
>> wireless security and people can hack the machines.
>>
>> There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
>> I chose WEP 128 bits but not sure if this is the most
>> secure choice.
>>
>> Any other suggestions to make the wireless network more secury?
>
> WEP will only stop casual intruders. With sufficient data, it can be
> broken. WPA is more secure, however you may also want to use a VPN.
>

1. Use WPA not WEP
2. Use a password that is at least 20 characters long.
( This will handle the weakness in WPA ... as per the latest
research on WPA :-)

or if you're wanting to up the security, you might want
to consider a VPN (with a digital certificate), or
a Radius authentication server (with digital certificates)

Enjoy
Postmaster
Anonymous
a b 8 Security
September 28, 2005 12:07:12 PM

Archived from groups: (More info?)

strutsng@gmail.com wrote:
>I am using linksys wireless router, and it doesn't support WPA, it has
>WEP.

Either upgrade the firmware so it does support WPA, or replace it with
a more modern one (WRT54G is nice, and around $60) that does support
WPA.
Anonymous
a b 8 Security
September 28, 2005 12:21:17 PM

Archived from groups: (More info?)

Jeffrey Goldberg wrote:

> Thank you. You would be surprised at how many home users are
> unconcerned about this sort of thing.

I recently did a scan at a friends home. There were 5 or 6 open WiFi
connections available and only a couple using encryption.
Anonymous
a b 8 Security
September 28, 2005 12:21:57 PM

Archived from groups: (More info?)

strutsng@gmail.com wrote:

> I am using linksys wireless router, and it doesn't support WPA, it has
> WEP.
> any ideas??

See if there's an update available. My SMC didn't originally support WPA,
but does now.
Anonymous
a b 8 Security
September 28, 2005 12:33:53 PM

Archived from groups: (More info?)

I have Linksys Wireless-G USB Kit with SpeedBooster
(http://www.pcsforeveryone.com/product_info.php?products...),
which contains Linksys WRT54GS v2 router and Linksys WUSB54GS network
adapter.

Does it have WPA support?

WPA is the same as PSK? It has PSK-RADIUS, and RADIUS, which one is
better?

Ok, if someone really hacked my WEP key, then they can get in my
machine and steal things?

Please advise more...
Anonymous
a b 8 Security
September 28, 2005 12:36:38 PM

Archived from groups: (More info?)

> I am using linksys wireless router, and it doesn't support WPA, it has
> WEP.
> any ideas??

None, shall we continue to guess *which* Linksys wireless router or are
you going to tell us? :) 

David.
Anonymous
a b 8 Security
September 28, 2005 12:39:57 PM

Archived from groups: (More info?)

Unruh <unruh-spam@physics.ubc.ca> wrote:
>wep is better than nothing. Remember that an attacker is going to have to
>be located fairly near you ( but the house next door might be fine).

True.

>As I mentioned, hide the essid, make it complicated as well, so that the

Silly.

You *can't* hide the ESSID! You can turn off periodic
broadcasting of the ESSID, but that does *not* hide it. It is,
unencrypted, sent in every packet you transmit. The broadcast
merely makes sure that you do in fact transmit a packet at
short, regular intervals.

The point of doing that is to allow a short "scan" to detect the
presense of a network. The value is that it can be *avoided* if
it will interfere with another network. Hence if you turn off
ESSID broadcasts the likelyhood that a neighbor will fire up his
wifi access point on the same channel as yours, is much greater
than if the ESSID broadcast is enabled.

If the neighbor is interested in cracking your network, the lack
of an ESSID broadcast is *not* going to hide the existance of
the network for longer than it takes you to use it. Which is to
say that as soon as you actually do use it for traffic, your
ESSID is available to the neighbor.

>attacker cannot guess it. Again security by obscurity, but that sometimes

It has *nothing* to do with security, obscure or otherwise.

>works. If on the other hand you have issues that are worth thousands or
>millions of dollars, buy a new wireless router that does support WPA, and
>make sure that your connections are encrypted (ssh, VPN,...)

All of the Linksys routers support WPA. The earlier /firmware/
doesn't though, and either a Linksys upgrade or third party
firmware can be downloaded and applied to add support for WPA.

--
Floyd L. Davidson <http://www.apaflo.com/floyd_davidson&gt;
Ukpeagvik (Barrow, Alaska) floyd@apaflo.com
Anonymous
a b 8 Security
September 28, 2005 2:30:21 PM

Archived from groups: (More info?)

Jerry Park <NoReply@No.Spam> wrote in news:p Jh_e.656$Qb6.412
@bignews6.bellsouth.net:

> strutsng@gmail.com wrote:
>
>>In terms of wireless network security, is WEP encryption the
>>most secure choice?
>>
>>I am the home user, and have multiple machines connect to
>>the wireless router inside the house. I worry about the
>>wireless security and people can hack the machines.
>>
>>There are choices such as WEP 64 bits, WEP 128 bits, and PSK.
>>I chose WEP 128 bits but not sure if this is the most
>>secure choice.
>>
>>Any other suggestions to make the wireless network more secury?
>>
>>Please advise. thanks!!
>>
>>
>>
> WEP is flawed. Anyone with the proper tools and time can break it.

Yes and not much time either. Say around two minutes max.

>
> WPA is considered very secure if you use a good passphrase. Either TKIP
> or AES (WPA2).

Much stronger than WEP. Probably fine for most purposes.

Klazmon.


>
Anonymous
a b 8 Security
September 28, 2005 3:46:49 PM

Archived from groups: (More info?)

strutsng@gmail.com wrote:

> I am using linksys wireless router, and it doesn't support WPA, it has
> WEP.
> any ideas??

Can you post the model number of your linksys? You did say earlier that
among your choices was something called "PSK" (Private Shared Key).
That may be a WPA mode.

-j
Anonymous
a b 8 Security
September 28, 2005 4:52:21 PM

Archived from groups: (More info?)

<strutsng@gmail.com> wrote in message
news:1127882106.585473.170040@g44g2000cwa.googlegroups.com...
>
> Jeffrey Goldberg wrote:
>> strutsng@gmail.com wrote:
>> > In terms of wireless network security, is WEP encryption the
>> > most secure choice?
>>
>> There is a very serious flaw in WEP which allows it to be cracked fairly
>> easily. If you have a choice between WEP and WPA go with WPA.
>>
>
> I am using linksys wireless router, and it doesn't support WPA, it has
> WEP.
> any ideas??
>

If you go out to the Linksys web site, you can download
a newer version of the firmware for the box. This will
add WPA.

Other options:
1. Use a VPN (openvpn, poptop)
2. Use a Radius authentication server.
3. Use a different router.
4. Use this router as a front-end to another firewall,
so you'll have WiFi (public, and open, and also
have a secure private LAN).

Enjoy
Postmaster
Anonymous
a b 8 Security
September 28, 2005 5:13:47 PM

Archived from groups: (More info?)

Postmaster wrote:
> <strutsng@gmail.com> wrote in message
> news:1127882106.585473.170040@g44g2000cwa.googlegroups.com...
>
>>Jeffrey Goldberg wrote:
>>
>>>strutsng@gmail.com wrote:
>>>
>>>>In terms of wireless network security, is WEP encryption the
>>>>most secure choice?
>>>
>>>There is a very serious flaw in WEP which allows it to be cracked fairly
>>>easily. If you have a choice between WEP and WPA go with WPA.
>>>
>>
>>I am using linksys wireless router, and it doesn't support WPA, it has
>>WEP.
>>any ideas??
>>
>
>
> If you go out to the Linksys web site, you can download
> a newer version of the firmware for the box. This will
> add WPA.
>
> Other options:
> 1. Use a VPN (openvpn, poptop)
> 2. Use a Radius authentication server.
> 3. Use a different router.
> 4. Use this router as a front-end to another firewall,
> so you'll have WiFi (public, and open, and also
> have a secure private LAN).
>
> Enjoy
> Postmaster

There are also three other things to do here, which will provide some
additional layers that someone would have to go through:

1. Properly configure a local firewall on your computers. The router
will provide protection from someone coming in via the hardwired ISP WAN
connection, but will not protect you from someone trying to do
computer-to-computer access via wireless.

2. Disable the ESSID broadcast on the WAP. This disables the ability for
someone to casually identify your WAP passively using common clients.
Also change the ESSID from the default to something that is not
associated with you or your location. The number of my neighbors who
have WAPs in their homes was easy for me to determine, including their
use of ESSID's that reflected their names or addresses or the defaults.
I have spoken to each.

3. Use MAC address filtering on the WAP, which links the WAP connection
to the physical ID's of the wireless NIC's on your computers. It is
possible to spoof MAC addresses, but it is one more thing for someone to
do to get into your network.

The key to security is layers. Do not depend upon a single protection
mechanism.

HTH,

Marc Schwartz
Anonymous
a b 8 Security
September 28, 2005 6:25:53 PM

Archived from groups: (More info?)

strutsng@gmail.com wrote:
>Linksys WRT54GS v2 router

>Does it have WPA support?

Yes, make sure you have the latest firmware from Linksys for this
router.

>WPA is the same as PSK?

Well, PSK is a subset of WPA. I don't have one set up here right now,
but I've played with them a lot lately. You ought to have an
encryption style, which will be {none,wep,wpa} and upon selecting WPA
you'll get another selection of {psk,radius,etc}, and then upon
selecting PSK you'll get {tkip,aes?}.

You'll want WPA - PSK - TKIP with a non-dictionary passphrase.
Anonymous
a b 8 Security
September 28, 2005 6:57:13 PM

Archived from groups: (More info?)

strutsng@gmail.com wrote:
> I have Linksys Wireless-G USB Kit with SpeedBooster
> (http://www.pcsforeveryone.com/product_info.php?products...),
> which contains Linksys WRT54GS v2 router

> Does it have WPA support?

Yes it does.


> WPA is the same as PSK?

PSK, in this context, is a mode of operation of WPA. In your case, PSK
is the best choice. (For environments in which there is a geeky system
administrator at hand, I would advise RADIUS, but that requires a whole
lot of other stuff to be set up on the network.)

> It has PSK-RADIUS, and RADIUS, which one is
> better?

Use the one that offers PSK.

> Ok, if someone really hacked my WEP key, then they can get in my
> machine and steal things?

Big question. It doesn't have a simple answer, which is why security
issues are hard. If someone gets passed WEP, it means that they've
gotten on to your network. The analogy that I like to use, is imagine
if you had a wired home network and you ran some wires out from your
house into the neighborhood for any to connect to.

The rest depends on the security of any internal firewall you may have
(say between your wireless and wired internal networks) and the security
of the particular hosts on those networks and the communication between
those hosts.

So it is best to secure each machine on the network as best as possible
on its own. Keep in mind that someone who gets onto your private
network can sniff all the network traffic, so you don't want sensitive
information (particularly) passwords traveling around your network
unencrypted. If you have highly sensitive information, you should
consider keeping that encrypted even on the disk. With Linux you can
set up entire encrypted filesystems. (But if you forget the pass
phrase, you're data is truly unrecoverable.)

I'm sorry that there isn't a simple answer. For some purposes it is
"good enough" to be better secured then your neighbors. There is the
old joke of two men camping, and a bear starts threatening them at their
campsite. One man starts to put on running shoes. The other says,
"What are you doing? You can't out-run a bear." The first answers with,
"I don't need to out-run the bear, I just need to out-run you."

On the whole, this "good enough" is a bad approach. But nearly
everything needs to be evaluated on a case by case basis. If you wish
to publicly be more specific about your concerns, it will be much easier
to give specific advice.

-j
Anonymous
a b 8 Security
September 28, 2005 7:02:37 PM

Archived from groups: (More info?)

strutsng@gmail.com writes:


>Jeffrey Goldberg wrote:
>> strutsng@gmail.com wrote:
>> > In terms of wireless network security, is WEP encryption the
>> > most secure choice?
>>
>> There is a very serious flaw in WEP which allows it to be cracked fairly
>> easily. If you have a choice between WEP and WPA go with WPA.
>>

>I am using linksys wireless router, and it doesn't support WPA, it has
>WEP.

wep is better than nothing. Remember that an attacker is going to have to
be located fairly near you ( but the house next door might be fine).
As I mentioned, hide the essid, make it complicated as well, so that the
attacker cannot guess it. Again security by obscurity, but that sometimes
works. If on the other hand you have issues that are worth thousands or
millions of dollars, buy a new wireless router that does support WPA, and
make sure that your connections are encrypted (ssh, VPN,...)

>any ideas??
Anonymous
a b 8 Security
September 28, 2005 7:40:03 PM

Archived from groups: (More info?)

"Marc Schwartz" <MSchwartz@mn.rr.com> wrote in message
news:fGw_e.75371$32.29810@tornado.rdc-kc.rr.com...
> Postmaster wrote:
>> <strutsng@gmail.com> wrote in message
>> news:1127882106.585473.170040@g44g2000cwa.googlegroups.com...
>>
>>>Jeffrey Goldberg wrote:
>>>
>>>>strutsng@gmail.com wrote:
>>>>
>>>>>In terms of wireless network security, is WEP encryption the
>>>>>most secure choice?
>>>>
>>>>There is a very serious flaw in WEP which allows it to be cracked fairly
>>>>easily. If you have a choice between WEP and WPA go with WPA.
>>>>
>>>
>>>I am using linksys wireless router, and it doesn't support WPA, it has
>>>WEP.
>>>any ideas??
>>>
>>
>>
>> If you go out to the Linksys web site, you can download
>> a newer version of the firmware for the box. This will
>> add WPA.
>>
>> Other options:
>> 1. Use a VPN (openvpn, poptop)
>> 2. Use a Radius authentication server.
>> 3. Use a different router.
>> 4. Use this router as a front-end to another firewall,
>> so you'll have WiFi (public, and open, and also
>> have a secure private LAN).
>>
>> Enjoy
>> Postmaster
>
> There are also three other things to do here, which will provide some
> additional layers that someone would have to go through:
>
> 1. Properly configure a local firewall on your computers. The router
> will provide protection from someone coming in via the hardwired ISP WAN
> connection, but will not protect you from someone trying to do
> computer-to-computer access via wireless.
>
> 2. Disable the ESSID broadcast on the WAP. This disables the ability for
> someone to casually identify your WAP passively using common clients.
> Also change the ESSID from the default to something that is not
> associated with you or your location. The number of my neighbors who
> have WAPs in their homes was easy for me to determine, including their
> use of ESSID's that reflected their names or addresses or the defaults.
> I have spoken to each.
>
> 3. Use MAC address filtering on the WAP, which links the WAP connection
> to the physical ID's of the wireless NIC's on your computers. It is
> possible to spoof MAC addresses, but it is one more thing for someone to
> do to get into your network.
>
> The key to security is layers. Do not depend upon a single protection
> mechanism.
>
> HTH,
>
> Marc Schwartz

Gee guys, we forgot the big-ie...

Change the password on the router to something other
than "admin" :-)

-----------------
and of course one might consider hiding in a toxic cloud ...

Get another router with WAP, but hook up that old
beast to a separate computer that is infested with
viruses. Set it to channel 6, NO encryption, ESSID = linksys,
Enable DHCP, Don't connect to the net, just to the
honeypot/infested system, (change the password on the router),
Export plenty of Windows shares with read-only permissions.
( Not drive C )
and every few minutes send a Winpopup type message
to your guests... "Come on in, the water is fine"
And just let the invaders choke in a toxic cloud :-)

Then at the same time, on your new router..

1. Enable WAP (Use a 20+ character password)
2. Enable MAC filtering.
3. Change the router management password
4. Disable broadcast of ESSID.
5. Disable WAN ICMP (ping replies)
6. Use a Radius authentication server.
7. Use a VPN. ( IPSEC with certs )
8. Enable router logging.
9. Router's LAN side only goes to the internal firewall
and VPN gateway.

Now your comfortable fort is moderately secure and has a
nifty toxic cloud, for the "casual" invader's entertainment :-)

Enjoy,
Postmaster
Anonymous
a b 8 Security
September 28, 2005 8:18:34 PM

Archived from groups: (More info?)

> As I mentioned, hide the essid, make it complicated as well, so that the
> attacker cannot guess it. Again security by obscurity, but that sometimes

Any hacker isn't going to guess, they're just going to run kismet for
example and it'll pop right up.

Don't hide the SSID, it just makes it harder to find a free channel and
doesn't add any security.

David.
September 28, 2005 8:28:50 PM

Archived from groups: (More info?)

Marc Schwartz wrote:

> 1. Properly configure a local firewall on your computers

Good advice.

> 2. Disable the ESSID broadcast on the WAP.

Absolutely useless.
Casually connecting using common clients is already prevented even by
using only WEP.
This will not slow down people that really want to attack your network
at all.

> Also change the ESSID from the default

That's usefull to prevent from accidentally associating with your
neighbours network instead of your own if they buy the same brand access
point.
For security purposes again this is completely useless.

> 3. Use MAC address filtering on the WAP, which links the WAP connection
> to the physical ID's of the wireless NIC's on your computers. It is
> possible to spoof MAC addresses,

MAC address filtering is by far the easiest 'security measure' to
circumvent.

It can be useful to maybe alert an administrator or to log unregistered
MAC adresses that try to associate but that usually doesn't happen in
home situations.

If someone is actually capable of cracking WEP they will not have any
problem at all with any of the other mentioned "security layers" so
don't even bother.

As already mentioned:
Just use WPA, make sure you use a _long_ and _random_ key and don't
worry about the rest except the firewalls because it just doesn't add
anything useful.

Sander
Anonymous
a b 8 Security
September 29, 2005 12:00:42 AM

Archived from groups: (More info?)

"Jeffrey Goldberg" <nobody@goldmark.org> wrote in message
news:11jli7qvg7640d@news.supernews.com...
> strutsng@gmail.com wrote:
>
>> I am using linksys wireless router, and it doesn't support WPA, it has
>> WEP.
>> any ideas??
>
> Can you post the model number of your linksys? You did say earlier that
> among your choices was something called "PSK" (Private Shared Key). That
> may be a WPA mode.
>
> -j
>

Step 1. Security mode -> WPA Preshared key
Step 2 WPA Algorithm -> TKIP (Temporal Key Integrity Protocol)

It's the temporal key exchanges that add the additional
security of WPA. A key, is only a key for a short
period of time, then the keys change. Thus making
a sniff and capture much less interesting.

Enjoy
Postmaster.
Anonymous
a b 8 Security
September 29, 2005 12:43:45 AM

Archived from groups: (More info?)

On Wed, 28 Sep 2005 15:40:03 GMT, "Postmaster" <postmaster@127.0.0.1>
wrote:

> -----------------
> and of course one might consider hiding in a toxic cloud ...
>
> ...... <snip>
>
> Now your comfortable fort is moderately secure and has a
> nifty toxic cloud, for the "casual" invader's entertainment :-)

The US is just crazy enough that an intruder who choked on your toxic
cloud would be able to sue you for setting a trap. I kid you not.
Unfortunately.

mike
Anonymous
a b 8 Security
September 29, 2005 2:07:40 AM

Archived from groups: (More info?)

I want to make the wireless network at home becomes more secure, then I
should make sure all connections are encrypted?

I should setup VPN host or SSH at home, so that all machines are inside
the VPN network? Does PC Anywhere work?


please advise ...
Anonymous
a b 8 Security
September 29, 2005 3:28:11 AM

Archived from groups: (More info?)

strutsng@gmail.com writes:

>I have Linksys Wireless-G USB Kit with SpeedBooster
>(http://www.pcsforeveryone.com/product_info.php?products...),
>which contains Linksys WRT54GS v2 router and Linksys WUSB54GS network
>adapter.

>Does it have WPA support?

>WPA is the same as PSK? It has PSK-RADIUS, and RADIUS, which one is
>better?

>Ok, if someone really hacked my WEP key, then they can get in my
>machine and steal things?

No. They can get onto your network. Linux machines need to be logged into.
Ie there is yet another layer of protections-- your password to log onto
your system. Now, if you make a habit of not using ssh to log from one
machine to the other on your network, then they could monitor your network
to find your password and then log onto your system and steal stuff.
On the other hand if you do not do such things, then they will somehow need
to get your password first before they can get into your machine.



>Please advise more...
Anonymous
a b 8 Security
September 29, 2005 3:32:42 AM

Archived from groups: (More info?)

floyd@apaflo.com (Floyd L. Davidson) writes:

>Unruh <unruh-spam@physics.ubc.ca> wrote:
>>wep is better than nothing. Remember that an attacker is going to have to
>>be located fairly near you ( but the house next door might be fine).

>True.

>>As I mentioned, hide the essid, make it complicated as well, so that the

>Silly.

>You *can't* hide the ESSID! You can turn off periodic
>broadcasting of the ESSID, but that does *not* hide it. It is,
>unencrypted, sent in every packet you transmit. The broadcast
>merely makes sure that you do in fact transmit a packet at
>short, regular intervals.

>The point of doing that is to allow a short "scan" to detect the
>presense of a network. The value is that it can be *avoided* if
>it will interfere with another network. Hence if you turn off
>ESSID broadcasts the likelyhood that a neighbor will fire up his
>wifi access point on the same channel as yours, is much greater
>than if the ESSID broadcast is enabled.

>If the neighbor is interested in cracking your network, the lack
>of an ESSID broadcast is *not* going to hide the existance of
>the network for longer than it takes you to use it. Which is to
>say that as soon as you actually do use it for traffic, your
>ESSID is available to the neighbor.

>>attacker cannot guess it. Again security by obscurity, but that sometimes

>It has *nothing* to do with security, obscure or otherwise.

>>works. If on the other hand you have issues that are worth thousands or
>>millions of dollars, buy a new wireless router that does support WPA, and
>>make sure that your connections are encrypted (ssh, VPN,...)

>All of the Linksys routers support WPA. The earlier /firmware/
>doesn't though, and either a Linksys upgrade or third party
>firmware can be downloaded and applied to add support for WPA.


Thanks for the lesson. One of the wonderful features of netnews is that
your own mistakes get rapidly corrected.
Anonymous
a b 8 Security
September 29, 2005 12:16:40 PM

Archived from groups: (More info?)

jrefactors@hotmail.com wrote:

> I want to make the wireless network at home becomes more secure, then I
> should make sure all connections are encrypted?
>
> I should setup VPN host or SSH at home, so that all machines are inside
> the VPN network? Does PC Anywhere work?

Set up a VPN. There are several to chose from. Windows includes PPTP and
others are available. I use OpenVPN, which comes with Linux and is also
available for Windows.
!