Multiple SSID on Netgear 834GT?

[TooNice]

Got myself a cheap Netgear 834GT from Ebay for my O2 connection because while the O2 box works fine as a simple wired ADSL modem, I lose 5-6Mbit whenever I go wireless (even when I force 802.11g - which my laptop is capable of), and I can't connect wirelessly between PC's without frequent drop.

Good news is that my wireless speed is the same as my wired speed. Less great is that at the same SNR, I seem to lose about 6% of my synch (no biggie really, just vanity - besides I read that people often lose 1-1.5Mbit synch anyway). Currently playing with SNR tweak with DGTeam firmware.

But that's not what I am here to ask. I was wondering if it is possible to setup multiple SSID so that I can run WAP2 on my laptop and WEP (perhaps at reduced bandwidth) for my DS Lite. Failing that, would my network be 'secure' if I go WEP but only MAC address matching my devices to be connected?

[peterb]

You would be more secure by restricting connection to known MAC addresses - you could also disable DHCP. That would make it harder for anyone to hijack your internet connection, but if they broke the WEP code, they could still eavesdrop.

Not quite such a big problem if you are using SSL secured web sites (such as banking) but it is likely that e mail passwords and text would be passed in clear, so they could be snooped.

It comes down to a risk assessment. Wep can be broken relatively easily. If you were in a hall of residence with a load of CS students - I'd say the risk was high. If you are anywhere else, and you aren't a target of interest, then I'd say the risk is low.

Most crackers want an internet conne#ction, rather than snoop (unless you area ToI) so anything you do that makes that harder for them is a good thing.

You could also emply frequent key changes (daily) and of course use the longest key that your equipment supports.

AFAIK - no domestic wireless device supports two rofiles (and there isn't much point - if the SSIDs are broadcast - and even if you disable that, it is again elatively trivial for a determined attacker to spoof the device to transmit it as part of the communications pre-amble.

You could also disable wireless when you aren't actually using it.

So - Security by stealth isn't really security.
Consider what the risks in your situaton ae
Apply as many technical measures that you can
Apply such procedural methods that you can to mitigate the residual risk, while not making the system too inconvenient to use.
Consider upgrading the WEP only device to WPA.

(Some devices will also let you set up a VPN over the wireless link, so the link is end to end encrypted by the client - same principle as SSL)

[TooNice]

Thanks. I think most webmail provider provides at least the option of SSL for log-in, but not all provide encryption for the content (Gmail being one that does). What's ToI?

Well, maybe I'll just stay wired for the laptop. It's a minor hassle but I guess the most secure option, and I can let my console devices connect via WEP and limit the MAC address to only my own devices. It's too much hassle to change password everyday.

The reason I asked is because on the Draytek 2820n, I was able to have two broadcasts easily setup, hence I wasn't sure if it might be a feature you can find on basic routers, or only on business routers. That router also allowed me to severely limit the bandwidth of the WEP connection so that the damage from someone stealing the connection would be somewhat reduced (until they do something very illegal anyway).

[DDY]

My Netgear DGN2000 has the option for 4 different SSIDs, I actually use two SSIDs (One WPA2 and other WEP) for a similar reason, I've got some older equipment that only supports WEP, I've hidden the SSID and applied an access list to only allow the MAC address of my equipment.