I thought WEP key security was the better solution but I always seem to have problems when using different devices - I never seem to have this problem with PSK. What is supposed to be the best security?
Printable View
I thought WEP key security was the better solution but I always seem to have problems when using different devices - I never seem to have this problem with PSK. What is supposed to be the best security?
Generaly speaking, WPA is the strongest you will be using. WEP is pretty insecure and can be broken fairly quickly by todays standards.
SSID off, WPA Key with Mac filtering is generally what I use
no encryption on the wireless, firewalled access at the router blocking everything except a vpn port....
secure the vpn :)
Now that sounds an interesting alternative - I will have to look into that :)
Quote:
Originally Posted by pak000
Any links with info on this mate?
the best place i would say to start is www.openvpn.net, although windows comes inclusive with a vpn client, its not particularly great, certainly steer clear of pptp implementations as they are weak and can easily be broken, IPSEC is good, but complicated to set up and can have its quirks with hardware despite it having a standard
Openvpn is a seperate program that can run as both a client and server
Its is
a) free
b) compatible on most os's
c) encrypts data in 3 different ways, blowfish 3des and aes
d) relatively simple to set up
also (from a quick google)...
http://www.wi-fiplanet.com/tutorials...le.php/3484186
http://www.jeroen.se/articles/wifi.php
http://www.informit.com/articles/art...?p=387173&rl=1
Can you find me examples of how to break the current Microsoft PPTP?Quote:
Originally Posted by pak000
The only real weakneses is the control reaffic is unencrypted allowing potential DoS, and using weak passwords as the key is generated using your password and if it isn't long enough. The only real fear of wireless is snooping/using your connection. The weak passwords is easily solved and the unencrypted control traffic is not a problem in this case.
Using IPSEC when PPTP is available for home use pointlessly complicates things. IPSEC undoubtably has its place as it can be very powerfull and secure when implemented properly, but it is overkill for home and even most small office use.
^^ What he said :)
the level to which you protect your wireless segment shoudl depend ont he percieved sensetivity of the data you want to protect.
If you just want to prevent casual piggybacking of your DSL line then WPA with a reasonable length key should be sufficient.
In a larger network , treating wireless clients as if they where connecting from an external source ( ie keep them on their own DMZ that will then require some form of encrypted authentication to access the internal resources ) is a better idea
You should try and crack your own network. Then you wont be so worried.
I've heard that wpa can be done quickly now, and while i know wpa is enough for most wannabe hackers I really just want to learn about network security, so may go down the openvpn route anyone got more links? Ta. :)
Oh and opensource would be great for just playing, unless my old machine with win2k on could be used, really can't afford routing software tho.
What kind of network are you looking to secure? Home or corporate?
WEP is breakable in minutes these days. SSIDs are part of the unencrypted packet headers so disabling SSID broadcast isn't increasing security. MAC addresses are easily spoofed.
WPA-PSK is decent for a home network. VPN is better for a corporate WLAN, but a VPN is only as secure as its clients, so lock down the access too.
It's only a home network, but as i said i want to learn about it really. :)
Maybe i overstated how weak it was, although as with most things they are only as strong as the weakest link and although people say that its easy to overcome the problem of weak passwords by making them longer, in truth how many people actually listen to this? If everyone did then it would no longer be an issue.Quote:
Originally Posted by badass
I know that vpn may be overkill for your average home user, but i have my reasons...In an ideal world, i would use wpa, a nice long password that couldn't be cracked without serious attention, while also being easy to implement, however i live in a student house where people don't all have cards that allow wpa, they are too stingy to upgrade and i have also found interoperability problems with getting encryption to work at all with some of them. therefore I chose a route that took the security issues away from the card - openvpn
Ok, there are lots of leads here now - thanks. I am having to secure a web-server when I implement an online task tracking/time capture system.
You really should be using WPA2, you will need an update for winXP
http://www.microsoft.com/downloads/d...displaylang=en
(Link from http://support.microsoft.com/?id=893357)
I can even use WPA2 on an old intel 2100 b miniPCI card