FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


WEP or WPA?





Shadowninja7194
Which of the following wirless security messures do you use? For my network, i use WEP. it's worked great for me so far. Of course its crackable, but a whole lot harder to crack then WPA.
adri
I use WPA, but actually I don't care. I had unprotected wireless for about two years before changing it to WPA. I live in a residential area where everybody has internet so I'm not really bothered with the security of my wireless.

Adri
polly-gone
Shadowninja7194 wrote:
Which of the following wirless security messures do you use? For my network, i use WEP. it's worked great for me so far. Of course its crackable, but a whole lot harder to crack then WPA.



You have that backwards. WEP is much, much, much easier to crack than WPA. WPA is the newest and most secure. WEP can be easily cracked if you know what you are doing in about 15 minutes, or if your password is short/not very secure, as little as 5. WPA takes much more to crack, it takes a lot longer, and it has extra security features to keep you safe (i.e. to crack it, at least one agent must already be connected to the network. If nothing is connected its impossible to crack.) WEP is very, very insecure and you should definitely upgrade to WPA2-Personal.

Nick Smile Smile Smile
Bikerman
Yes, avoid WEP - it is very insecure and anyone with a few basic tools can crack it.
WPA-2 is the minimum you should be using on any modern router.
The-Nisk
Actually WPA can also be cracked quite easily if the key is a relatively dictionary word or simply too short.
WEP is just a joke.

I use my network for file-sharing and streaming, so I need the traffic to be encrypted Smile
badai
i use mac address filter. no encryption.

cons: kind of troublesome to set up new computer, have to find out the mac address, then enter it in AP setting. and if there is any FBI agent around, they can eavesdrop me because it's not encrypted.
Hogwarts
badai wrote:
i use mac address filter. no encryption.

cons: kind of troublesome to set up new computer, have to find out the mac address, then enter it in AP setting. and if there is any FBI agent around, they can eavesdrop me because it's not encrypted.


Not only that, anybody with half a mind technically can compromise that with incredible ease Sad

Encryption would be much, much better for you to use.
Bikerman
I thought WPA-2 was already encrypted using AES?
badai
how? figure out what mac address saved in AP and spoof it or hack the AP itself?


Hogwarts wrote:
badai wrote:
i use mac address filter. no encryption.

cons: kind of troublesome to set up new computer, have to find out the mac address, then enter it in AP setting. and if there is any FBI agent around, they can eavesdrop me because it's not encrypted.


Not only that, anybody with half a mind technically can compromise that with incredible ease Sad

Encryption would be much, much better for you to use.
Hogwarts
badai wrote:
how? figure out what mac address saved in AP and spoof it or hack the AP itself?

The MAC address of any parties in connected is viewable; encryption enabled or not. How would your router filter by MAC addresses if they weren't sent to it in the first place? Encryption is, ultimately, the only way you'll have a secure connection.

Bikerman wrote:
I thought WPA-2 was already encrypted using AES?

WPA and WPA-2 can both use either AES or TKIP: but I wouldn't use TKIP, as it's no longer secure.

In badai's case, he's not using either: meaning his network has no encryption.
Bikerman
Well it isn't so much trouble to set AES encryption on a small network (or even a big one if you have remote workstation control)...so why not simply set encryption on server and clients and then any WPA-2 routes would be AES as well?
coolclay
I am curious if there has ever been a legitimately reported case where someone has hacked WEP or WPA and actually done anything wrong. Obviously people have done it to prove it can be done, but really how many people actually have to be worried? In the earlier days of WIFI (2004-2008), I could easily go on vacation anywhere and get unprotected wireless to check my email, get directions, addresses and other things I needed. But now even your average Joe Wifi has password protected his router, and it's a pain in the butt! Of course there is still at least one house per block with good WIFI it just takes longer to find now! I just don't understand, I mean, do people really hack into folks networks and steal info?
badai
the thing is, if other people use your wifi to access the Internet and do something illegal, it's you that will be hauled up to be send to Guantanamo. they don't care if it's someone else is using it.
Hogwarts
coolclay wrote:
I just don't understand, I mean, do people really hack into folks networks and steal info?

Why would I wanted random people using my setup to access .. anything? Not just my internet connection, but also things such as my print server. Ultimately, I would be making myself vulnerable to a variety of things.

Consider: why do you lock the door to your house? I'm sure it'd be convenient for people randomly passing through your area to just walk in and get help themselves to a glass of water (not as though it'd cost you anything, right?)
deanhills
coolclay wrote:
But now even your average Joe Wifi has password protected his router, and it's a pain in the butt!
I'm not sure how this is a pain in the butt. I would have thought that a password would be a safety precaution of sorts, i.e. not everyone and Harry would be able to get into the router? Also, it is easy when you have the password. You only really have to input it once. I'm using WIFI right now, and have no problems, once I was set up. Do I feel really secure however. I don't think so. I don't know the system over here. And who can be 100% safe ever? It's always a question of taking a risk.
coolclay
I explained how it's a pain, when I am on the road I can't get wireless as easily anymore! I used to be able to drive into any neighborhood and check my email, but now it takes a few blocks before I get an open signal.

I totally understand people's concern over illegitimate use of someone's bandwidth, but a friendly passerby who wants to check his email that's kind of harsh. And yes a password is definitely a safety precaution but safety from what, how many people have ever actually had harm done because someone accessed their WIFI. Obviously I know you can't differentiate between bad people vs. good people that's fairly obvious. I guess I should have been born a 100 years ago when people actually trusted and cared about others, and people shared a glass of water if someone was thirsty and you didn't have to wait 5 hours to hitch a ride.

Road tripping across the country for under $100 is really fun because you learn how different people are from different parts of our country.

Btw I don't lock the door to my house, if someone really wants to steal something that I have worked hard to earn then I guess they need it more than I do. Besides where there is a will there is a way. I have broken into so many "locked" houses (legitimately) that I know there is no such thing. Besides in an emergency situation and someone needed a phone, and I wasn't home I am much happier knowing someone had access to a phone then trying to frantically get into a locked house.

Either way humans are naturally selfish beings, even if there were no threat or danger, people would password protect WIFI just because of the thought of someone else borrowing something of theirs.

Thank goodness for those that know nothing about computers who provide free WIFI across the globe!
Abhishukla
I AM A NETWORK PROFESSIONAL, AS THE SECURITY OF WIRELESS NETWORK IS CONCERNED. I SUGGEST TO USE WPA2(WiFi PROTECTED ACCESS 2) IT IS QUIT DIFFICULT TO HACK OR CRACK AS THIS ENCRYPTION TECHNOLOGY IS NEW AND THE WPA2 IS ENCRYPTED OVER 256 BIT KEY.
Bikerman
Abhishukla wrote:
I AM A NETWORK PROFESSIONAL, AS THE SECURITY OF WIRELESS NETWORK IS CONCERNED. I SUGGEST TO USE WPA2(WiFi PROTECTED ACCESS 2) IT IS QUIT DIFFICULT TO HACK OR CRACK AS THIS ENCRYPTION TECHNOLOGY IS NEW AND THE WPA2 IS ENCRYPTED OVER 256 BIT KEY.

Hi Abhishukla,
Might I suggest that unless you are using an old VT as input, the caps lock key is best left off for messageboards. I agree about WPA-2 - it is secure enough for most purposes.
Shadowninja7194
lol oops sry XD
iman
WPA2 is the best as of now.
It's what I use back at home
AftershockVibe
badai wrote:
how? figure out what mac address saved in AP and spoof it or hack the AP itself?


Hogwarts wrote:
badai wrote:
i use mac address filter. no encryption.

cons: kind of troublesome to set up new computer, have to find out the mac address, then enter it in AP setting. and if there is any FBI agent around, they can eavesdrop me because it's not encrypted.


Not only that, anybody with half a mind technically can compromise that with incredible ease Sad

Encryption would be much, much better for you to use.


Furthermore, even if MAC address filtering did secure your access point to a reasonable level, broadcasting your own data in the clear is not just a con, it's a terrible idea!

This probably won't matter for your GMail or Banking passwords (they are encrypted via HTTPS) but, for example, your forum passwords, any FTP password, anything you transfer on an unencrypted connection is visible to anyone who might be watching. Does your router use HTTPS? Most don't. There goes the admin password in the clear.

Similary, Windows network share passwords are encrypted - but any file you transfer isn't. Letter to the bank? Thanks for the account number and address.
alugueldelanchaangra
WPA-2 is the safest for sure
bjornhoogeveen
I agree. WPA-2 works nice, and is safe too Smile
BigGeek
I agree with WPA-2 as well, I'm also a network professional Shocked

Abhishukla, why are you shouting? Laughing

My team lead in my last job used to type in all caps in messaging and emails, and everyone used to think he was shouting all the time..........CAPS MEANS YOUR SHOUTING< OR MAD......

He never did stop typing in caps Very Happy

Funny the MAC address feature was mentioned. My wireless has LAN ports on it, and I have to desktop PCs connected to it, one being a print server. I set my DHCP range so that I only have 3 addresses in the range. then set the addresses for the 2 desktops and the laptop that runs over wireless, as preferred. And then configured the MAC addresses of each on the router as well as enabled WPA-2.

That way even if someone was able to hack the encryption their MAC wouldn't match the preferred list or reserved addresses to MAC settings, and there are no addresses in the range available.

Although I set up my 2 year old D-Link like that, and it died about 2 months later, I think it hammered the processor. New Netgear router runs OK set up like that!
deanhills
BigGeek wrote:
My team lead in my last job used to type in all caps in messaging and emails, and everyone used to think he was shouting all the time..........CAPS MEANS YOUR SHOUTING< OR MAD......!
Funny though, I see quite a number of computer Geeks using Caps only, and I'm sure not with the intent to shout. Must be that they started to use the computer using caps only, and maybe did not know about lower case, and then when they discovered lower case, it did not look as great as in caps .... Smile
Bikerman
That is why I mentioned VT in my reply.
Anyone my age is old enough to have started on VT-50 or even earlier terminals (Video Terminal = VT). VT-50 and its predecessors only had capitals.
dazzsser
How about WPA-1? I Have that on my network. Is it still good?
erlendhg
polly-gone wrote:
WEP can be easily cracked if you know what you are doing in about 15 minutes, or if your password is short/not very secure, as little as 5.


That's right!
I have easily cracked my 128-bit encrypted WEP network in about 8 minutes. Piece of cake :p

Isn't standard WPA2 for RADIUS server setups? When you are talking about WPA2 here, do you really mean WPA2-PSK, or am I missing something?
Bikerman
No you have it right. Yes, standard WPA-2 is designed for use with Radius servers and people here are mostly referring to the non-server PSK flavour...
James007
Protocols would be low level communication software so I moved it down there. Didn't hurt, now did it? ^^

I find it heartbreaking as an IT guy that WEP is still being used as the standard on many routers.
mahirh
@ biggeek ,
first of all im sorry for calling you an idiot which im doing now
, im not even a network professional , but still i have cracked 5 mac adress encrypted ap without aany help , i did not even need a guide
i just went to a cofee shop which uses mac adress filtering but no one actually takes the trouble to open the router page or such stupidity , they use telnet , i simply got conectify , got near a guy who used a ipod to connect to the internet wirelessly in the cofee shop when he got out , his ipod automatically connected to my conectify because mine had a better range on the ipod and i just put the same name as the cofee shop network's name (so the ipod will think it is a wireless extender in the coffee shop)(the coffee shop has open network too) and after that , i just open connectufy manager , copy the ip adresss and use mac adress spoofer to make it the same and i stand out of the shop and use the internet for free
menino
BigGeek wrote:

My team lead in my last job used to type in all caps in messaging and emails, and everyone used to think he was shouting all the time..........CAPS MEANS YOUR SHOUTING< OR MAD......


.... or it could mean he needs glasses and can't see with smaller fonts... Laughing

Regarding WPA-2... I do belive it is crackable, especially, if you use easy passwords, but it is the most secure of the lot.
There was an article, I had read about sometime ago, based on a security meet in the US, where they cracked wpa2, by injecting some data into the ap or router, and based on the feedback, they cracked it, as it had given the password to compare to it. I think it was quite complicated and I think they used 2 laptops, but they said that it was crackable, and posted a video of it.
Once I get the details of it, I'll post it here.
menino
Alrighty.... I found it.... I had to dig for a bit, but found soemthing similar.
The meet was blackhat meet, which I had read about, and here is one of the articles on it :-
http://securityuncorked.com/2010/07/smoke-and-mirrors-the-upcoming-defcon-wpa2-crack/

With this, wpa-2 is not secure.... and I hope they do find soemthing more secure, without compromising on speed.
Possibly they might integrate it with wireless-n technology or probably better than that, later. Confused
Related topics
Creating a new Operating System
Wpa.dbl
Need help securing wireless network
Does anyone know the Linksys Passphrase to WEP Key Algorithm
Free Wireless Program
Getting wpa-psk working on a dell 1370 on LINUX.
[Official]Wii
draadloos internet.
[TEC] Mejorar el rendimiento de tu red WiFi
WPA Security on XP
Wireless USB
Which Appllication have you recently downloaded?
Can't connect to home wireless network without ethernet
Wifi questions
Reply to topic    Frihost Forum Index -> Computers -> Software

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.