Sign in with
Sign up | Sign in
Your question

Wireless LAN solution (time to plug products!)

Tags:
  • Wireless Network
  • Products
  • Wireless Lan
  • Networking
Last response: in Networking
Share
Anonymous
September 13, 2001 8:35:21 PM

Hello,
I was wondering if anyone had an opinion on the best wireless network solution currently available. This would be for a small segment (2-5 users) on a much larger network. I have been doing extensive research on securing a wireless network and would like to do some hands on work. I'm assuming we just need a few pieces of hardware...an access point and some NIC cards. I'm 100% anti-Linksys products and prefer Netgear, but from what I have seen, Netgear does not currently support the 128 bit encryption setting. Possibly Cisco or other products? Please let me know any opinions, successes you have. Also, I understand there are some Access Points that are going to have a VPN and Firewall solution available. Any information on that?

Thanks for any discussion.

More about : wireless lan solution time plug products

October 6, 2001 2:38:38 PM

If you want the best, then the Cisco 350 is the best Access Point, though quite expensive and probably overkill for your needs. I like the SMC for SOHO WLAN products.
October 8, 2001 5:49:07 AM

You'll be glad to know there is no currently secure wireless network standard. The 128 WEP (Wireless Encryption Protocol) is apparently being taken down in the 10-20 second range due to a vunerability in the keys.

As you have hinted at, the only way really to do this securely at present is to have a VPN tunnel over the 802.11 link. Maybe the cheapest/easiest solution that would not require extra networking kit is going to be to use Win2K and IPSEC, with a Win2K server at the other end as an end point, but I don't know if this works for your stituation. Otherwise you are looking at a hardware based solution and VPN clients on the PCs/Laptops.

For sure the available bandwidth and performance will drop once you do it though...

-* This Space For Rent *-
email for application details
Related resources
October 8, 2001 10:41:24 AM

Could you post a link to the 20-30 second story. I am in the business. It takes about 24 hours to break a 128 Bit WEP key.

CCNA, MCSE, A+, Cisco Certified Wireless Field Engineer
October 8, 2001 11:35:26 AM

Sorry - I don't have anything myself, but I know our Infosec team will not permit Cisco wireless back on right now because of the vunerabilities associated. Even LEAP is out of the question.

I'll see if I can find something and get back to you, I know LEAP was an issue because the initial logon strings were clear-text. We are definitely off the air for the moment....

-* This Space For Rent *-
email for application details
October 8, 2001 8:41:04 PM

Cisco and some other vendors are working on dynamic WEP as the answer. There are some other ways around it. You can only accept associations from MAC addresses that you type in to the AP or bridge. WOuld get to be a hassle if you had alot of roaming and a high number of clients but you can shut em down. I have played around with Netstumbler and a few other 802.11b hack software. It will show the devices, SSID's etc, but you cant get into there networks with WEP on. Yeah, it has its holes, but I would love to see literature that says 10-20 seconds cuz all the stuff I have read, and that is alot, says 24 hours for 128 bit WEP.

CCNA, MCSE, A+, Cisco Certified Wireless Field Engineer
October 16, 2001 7:48:24 AM

I'm still pressing our guys for the info, but Cisco themselves say WEP _can_ be done in a hour or so. Many believe less.

-* <font color=red> Under Offer </font color=red> *-
email for application details
October 18, 2001 11:58:48 PM

Nope. www.extremetech.com ... Look under Networking...Theyt did an article (more of a "HOW-TO", actually), about hacking wireless networks. Its cheap, too. Like 200 bucks gets you a nice omnidirectional antenna and compatible PC card. Then all you need is a PC dual booting Linx and Windows. Use NetStumbler to get a channel, and find its location using a GPS (optional). Then, boot into Linux, park in the parking lot of the company, and run AirSnort (Hoorah for Open Source software!) to hack the WEP. There is NO wireless network security...Better hope you don't have a Web Server near a wireless network, or you're gonna get h4X0red with your pants down...

"If you teach a child to read, then he or her will be able to pass a literacy test" - George W.
October 19, 2001 5:49:58 PM

Yep, read the very same article just yesterday. Here is what it actually says. If you have a tremendous amount of traffic (They did the test on AT&T's network) it can go quite quickly. It took them about 2 hours. Generally, mid to high traffic LAN's will be in the 3 to 5 hour range. Slow or no traffic could take days, so most Home based lans would likely take quite a well, maybe closer to the 24 hours I had read about earlier. I dont think there is a debate that they can be hacked but it is not as easy and the doomsday proclaimers would have you believe. It will probably continue to get easier however, so that statement may change. Here is the thing, this is a very big, burgeoning industry, and Cisco, Orinco, and other major vendors will and allready are responding to the dilemma. Whether they succeed or not I guess remains to be seen.

CCNA, MCSE, A+, Cisco Certified Wireless Field Engineer
!