-
May 22nd, 2006, 12:09 PM
#1
Registered User
WEP or WPA
Just wondering whats more secure here? Whats the pros and cons of them? Cheers
Mick
-
May 22nd, 2006, 12:26 PM
#2
Registered User
WEP is very very weak. Why? parts of the key is transmitted from time to time within the data sent. In about 10mb of traffic you have more than enough to decompile the key. Very bad.
WPA is much more protective, it doesn't do what WPA does (send the key)
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
-
May 22nd, 2006, 12:55 PM
#3
Registered User
WPA all the Way. (Hey that rhymes)
I would go with WPA and if your router supports is I would incorperate MAC filtering as an added layer. Also do not broadcast your SSID.
One thing you have to consider is some wireless Network cards do not support WPA, but that is mainly for the older ones. I do not think I have run into a a/b/g card that does not support WPA sold today.
-
May 23rd, 2006, 08:55 AM
#4
Registered User
Originally Posted by BOB IROC
I would incorperate MAC filtering as an added layer.
This is also a good idea
Originally Posted by BOB IROC
Also do not broadcast your SSID.
This has absolutely ZERO benefit. It does not "hide" your access point.
-
May 23rd, 2006, 05:51 PM
#5
Registered User
MAC filtering won't hide your access point, but disabling SSID broadcast per Bob's suggestion will. As he says, MAC filtering is just another layer of security and peace of mind. Both in short supply these days.
(Edit) to be a bit more correct and fairer to Fubarian, there are indeed techniques to discover wireless LANs even if SSID broadcast is disabled, but many, or most intrusion attempts can be defeated by this means.
Last edited by slgrieb; May 23rd, 2006 at 06:09 PM.
Reason: Just to Clarify
-
May 23rd, 2006, 06:14 PM
#6
Registered User
Originally Posted by slgrieb
to be a bit more correct and fairer to Fubarian, there are indeed techniques to discover wireless LANs even if SSID broadcast is disabled, but many, or most intrusion attempts can be defeated by this means.
Thats what I was going for, but some seem to think it has Zero benefit. It may not be much, but every little bit helps.
-
May 24th, 2006, 08:46 AM
#7
Registered User
Every single time you connect, it sends a broadcast for the AP and the AP replies with a broadcast as well. All I do is interrupt your AP (use a wireless phone does this rather easily) and guess what? Oh, I got your SSID. Run a AP monitoring program and find this out for yourself.
Hiding the SSID broadcast gives 0 benefit, period. Security through obscurity does not work and is a terrible practice. MAC filters, yes (and even this is weak and spoofable, rather easily), WPA-PSK, AES and TKIP, yes! Hiding something, NO
Last edited by Fubarian; May 24th, 2006 at 08:51 AM.
-
May 24th, 2006, 09:15 AM
#8
Registered User
Originally Posted by Fubarian
Hiding the SSID broadcast gives 0 benefit, period.
Sheesh Fubarian, did someone piss in your cheerios?
Not everyone has all these utilities that you speak of or knows how to use them, but I still think hiding your SSID and running MAC filtering will help keep the average neighbor of knowing you have a wireless network. Then you add WPA or WPA2 for added protection.
-
May 24th, 2006, 09:31 AM
#9
Registered User
No, not at all! I just don't like people giving incorrect information -- the tools are very easy to find and are FREE and its got to the point the village idiot (well, ok not QUITE that easy) can figure it out with 30 minutes of internet searching.
Side note : One benefit to SSID is "long range" devices will stay connected better
-
May 24th, 2006, 09:43 AM
#10
Laptops/Notebooks/PDA Mod
Originally Posted by Fubarian
This has absolutely ZERO benefit. It does not "hide" your access point.
Well, I wouldn't say "zero" benefits, here are a few:
- People who are not wardriving, etc. will not notice your network. If the average joe just pulls out a pda, laptop etc. and isn't looking to "crack" into a WiFi network, but rather just "hop" onto a free WiFi signal, they'll just keep moving along.
- The neighbor next door will not have it listed in his available networks, etc. and possibly connect to it either intentionally or unintentionally.
Last edited by 3fingersalute; May 24th, 2006 at 09:45 AM.
-
May 24th, 2006, 09:44 AM
#11
Registered User
Sorry Fubarian, you just sounded like you were getting a little angry. And I dont think I am giving "incorrect" information here either. Well as I said Hiding your SSID and Using Mac filtering will keep the AVERAGE neighbor from knowing about your wireless network. As most people like that do not have and are not going to search for or use such utilities. However, if they can see a publically broadcasted SSID they may be likely to try and use the network for free internet.
I say this because I have seen it happen. I ran into a friend while shopping at best buy a couple months ago and he said he wanted to get a wireless card for his brother. I asked what kind of internet does he have and he said "he doesn't. His neighbor has a wireless network that he is going to steal a connection from" And that is just one example, but I have had teachers come up to me and ask similar questions like "what kind of wireless card should I get if I want to use my neighbors wireless network without them knowing it. Blocking your SSID and using MAC filtering will help at least a little bit with those situations. Don't ya think?
-
May 24th, 2006, 09:44 AM
#12
Registered User
and now they both have the same SSID and you connect to my network by mistake ...
-
May 24th, 2006, 09:48 AM
#13
Registered User
Originally Posted by Fubarian
and now they both have the same SSID and you connect to my network by mistake ...
How do you figure? You make the SSID unique, you just block it from being broadcasted. Then you input your connection information into your wireless device manually. Granted that many people do no change their SSID from the defaults, but that is not the situation here I don't think.
-
May 24th, 2006, 09:49 AM
#14
Laptops/Notebooks/PDA Mod
I like to explain wireless security to people as being like locks on you car or house. Locks keep the honest people honest. If they walk up to a door and turn the handle and its locked, a honest person will walk away. If they're not an honest person, the lock is only going to slow them up a tad from getting in until they smash a window, bust the door (break the WEP/WPA, MAC filter, etc.).
-
May 24th, 2006, 09:53 AM
#15
Laptops/Notebooks/PDA Mod
What I hate is Verizon ships Westell modems out to all new DSL customers with wireless enabled by default, no security enabled, and the average customer installs with the cd, has the Westell modem/router hooked to their computer with an ethernet or usb cable, and have no use for wireless and have no clue that they're broadcasting a free WiFi unsecured signal to anybody nearby.
Similar Threads
-
By marik in forum Networking
Replies: 1
Last Post: October 6th, 2005, 03:49 AM
-
By Ya_know in forum Networking
Replies: 8
Last Post: May 20th, 2005, 08:03 AM
-
Replies: 3
Last Post: April 25th, 2004, 07:15 PM
-
By Mech in forum Networking
Replies: 4
Last Post: September 15th, 2003, 11:28 AM
-
By tablesalt in forum Windows NT/2000
Replies: 0
Last Post: December 18th, 2002, 09:55 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks