Results 1 to 16 of 16

Thread: Best security method on wireless

  1. #1
    Senior Member
    Join Date
    Dec 2005
    Location
    Ilkeston
    Posts
    381
    Thanks
    18
    Thanked
    9 times in 7 posts
    • Pazza's system
      • Motherboard:
      • Asus P5Q Pro
      • CPU:
      • Intel Core2 Quad Q6600
      • Memory:
      • 4.00 GB
      • Storage:
      • 1x 640GB & 2x 1TB drives
      • Graphics card(s):
      • PowerColor HD 4870 512MB GDDR5 Dual DVI HDTV
      • Case:
      • Antec P180
      • Operating System:
      • Vista x64 & Windows 7 Ultimate
      • Monitor(s):
      • Dell 24" (2408)

    Best security method on wireless

    I thought WEP key security was the better solution but I always seem to have problems when using different devices - I never seem to have this problem with PSK. What is supposed to be the best security?

  2. #2
    HEXUS.social member Agent's Avatar
    Join Date
    Jul 2003
    Location
    Internet
    Posts
    19,166
    Thanks
    733
    Thanked
    1,607 times in 1,045 posts
    Generaly speaking, WPA is the strongest you will be using. WEP is pretty insecure and can be broken fairly quickly by todays standards.
    Quote Originally Posted by Saracen View Post
    And by trying to force me to like small pants, they've alienated me.

  3. #3
    Senior Member
    Join Date
    Jan 2004
    Location
    Leicestershire
    Posts
    1,211
    Thanks
    6
    Thanked
    31 times in 30 posts
    • madman045's system
      • Motherboard:
      • P9X79 Pro
      • CPU:
      • I7-3820
      • Memory:
      • 32GB
      • Storage:
      • Not enough!
      • Graphics card(s):
      • HD7970
      • PSU:
      • 850w Corsair
      • Case:
      • Corsair Carbide 300R
      • Operating System:
      • Win 7 Ultimate X64
      • Monitor(s):
      • Dell U2713HM & 2007WFP
      • Internet:
      • Plusnet FTTC - 30mbit/7mbit
    SSID off, WPA Key with Mac filtering is generally what I use

  4. #4
    Senior Member
    Join Date
    Oct 2005
    Posts
    320
    Thanks
    3
    Thanked
    1 time in 1 post
    no encryption on the wireless, firewalled access at the router blocking everything except a vpn port....

    secure the vpn

  5. #5
    Senior Member
    Join Date
    Dec 2005
    Location
    Ilkeston
    Posts
    381
    Thanks
    18
    Thanked
    9 times in 7 posts
    • Pazza's system
      • Motherboard:
      • Asus P5Q Pro
      • CPU:
      • Intel Core2 Quad Q6600
      • Memory:
      • 4.00 GB
      • Storage:
      • 1x 640GB & 2x 1TB drives
      • Graphics card(s):
      • PowerColor HD 4870 512MB GDDR5 Dual DVI HDTV
      • Case:
      • Antec P180
      • Operating System:
      • Vista x64 & Windows 7 Ultimate
      • Monitor(s):
      • Dell 24" (2408)
    Now that sounds an interesting alternative - I will have to look into that

  6. #6
    Senior Member
    Join Date
    Dec 2005
    Posts
    239
    Thanks
    4
    Thanked
    0 times in 0 posts
    Quote Originally Posted by pak000
    no encryption on the wireless, firewalled access at the router blocking everything except a vpn port....

    secure the vpn

    Any links with info on this mate?

    HEXUS believes no one person has a monopoly on ideas, and that your opinion matters.

  7. #7
    Senior Member
    Join Date
    Oct 2005
    Posts
    320
    Thanks
    3
    Thanked
    1 time in 1 post
    the best place i would say to start is www.openvpn.net, although windows comes inclusive with a vpn client, its not particularly great, certainly steer clear of pptp implementations as they are weak and can easily be broken, IPSEC is good, but complicated to set up and can have its quirks with hardware despite it having a standard

    Openvpn is a seperate program that can run as both a client and server
    Its is
    a) free
    b) compatible on most os's
    c) encrypts data in 3 different ways, blowfish 3des and aes
    d) relatively simple to set up


    also (from a quick google)...
    http://www.wi-fiplanet.com/tutorials...le.php/3484186
    http://www.jeroen.se/articles/wifi.php
    http://www.informit.com/articles/art...?p=387173&rl=1
    Last edited by pak000; 16-12-2005 at 10:17 AM.

  8. #8
    Senior Member
    Join Date
    Mar 2005
    Posts
    4,774
    Thanks
    157
    Thanked
    345 times in 278 posts
    • badass's system
      • Motherboard:
      • ASUS P8Z77-m pro
      • CPU:
      • Core i5 3570K
      • Memory:
      • 32GB
      • Storage:
      • 1TB Samsung 850 EVO, 2TB WD Green
      • Graphics card(s):
      • Radeon RX 580
      • PSU:
      • Corsair HX520W
      • Case:
      • Silverstone SG02-F
      • Operating System:
      • Windows 10 X64
      • Monitor(s):
      • Del U2311, LG226WTQ
      • Internet:
      • 80/20 FTTC
    Quote Originally Posted by pak000
    certainly steer clear of pptp implementations as they are weak and can easily be broken,
    Can you find me examples of how to break the current Microsoft PPTP?
    The only real weakneses is the control reaffic is unencrypted allowing potential DoS, and using weak passwords as the key is generated using your password and if it isn't long enough. The only real fear of wireless is snooping/using your connection. The weak passwords is easily solved and the unencrypted control traffic is not a problem in this case.
    Using IPSEC when PPTP is available for home use pointlessly complicates things. IPSEC undoubtably has its place as it can be very powerfull and secure when implemented properly, but it is overkill for home and even most small office use.
    "In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."

  9. #9
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,664
    Thanks
    53
    Thanked
    385 times in 314 posts
    ^^ What he said

    the level to which you protect your wireless segment shoudl depend ont he percieved sensetivity of the data you want to protect.

    If you just want to prevent casual piggybacking of your DSL line then WPA with a reasonable length key should be sufficient.

    In a larger network , treating wireless clients as if they where connecting from an external source ( ie keep them on their own DMZ that will then require some form of encrypted authentication to access the internal resources ) is a better idea
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  10. #10
    Goron goron Kumagoro's Avatar
    Join Date
    Mar 2004
    Posts
    3,094
    Thanks
    37
    Thanked
    152 times in 125 posts
    You should try and crack your own network. Then you wont be so worried.

  11. #11
    Senior Member
    Join Date
    Dec 2005
    Posts
    239
    Thanks
    4
    Thanked
    0 times in 0 posts
    I've heard that wpa can be done quickly now, and while i know wpa is enough for most wannabe hackers I really just want to learn about network security, so may go down the openvpn route anyone got more links? Ta.

    Oh and opensource would be great for just playing, unless my old machine with win2k on could be used, really can't afford routing software tho.
    Last edited by Fidley; 17-12-2005 at 12:37 AM.

    HEXUS believes no one person has a monopoly on ideas, and that your opinion matters.

  12. #12
    Senior Member
    Join Date
    Jan 2004
    Location
    Cambridge
    Posts
    283
    Thanks
    13
    Thanked
    24 times in 23 posts
    • timread's system
      • Motherboard:
      • MSI B450 Tomahawk Max
      • CPU:
      • AMD Ryzen 5 3600
      • Memory:
      • 16GB (2x8GB) Corsair DDR4 Vengeance LPX
      • Storage:
      • 1x WD Blue SN550 500GB M.2 NVMe SSD, , 1x Crucial MX500 1TB SSD, 2x WD 1TB HDD in RAID1
      • Graphics card(s):
      • Gigabyte GeForce GTX 1660 Ti WINDFORCE OC 6G
      • PSU:
      • EVGA SuperNOVA 750W Gold Gen2
      • Case:
      • Fractal Design Define R3 Arctic White
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • AOC 2590 G4, Dell U2412M
      • Internet:
      • VirginMedia
    What kind of network are you looking to secure? Home or corporate?

    WEP is breakable in minutes these days. SSIDs are part of the unencrypted packet headers so disabling SSID broadcast isn't increasing security. MAC addresses are easily spoofed.

    WPA-PSK is decent for a home network. VPN is better for a corporate WLAN, but a VPN is only as secure as its clients, so lock down the access too.

  13. #13
    Senior Member
    Join Date
    Dec 2005
    Posts
    239
    Thanks
    4
    Thanked
    0 times in 0 posts
    It's only a home network, but as i said i want to learn about it really.

    HEXUS believes no one person has a monopoly on ideas, and that your opinion matters.

  14. #14
    Senior Member
    Join Date
    Oct 2005
    Posts
    320
    Thanks
    3
    Thanked
    1 time in 1 post
    Quote Originally Posted by badass
    Can you find me examples of how to break the current Microsoft PPTP?
    The only real weakneses is the control reaffic is unencrypted allowing potential DoS, and using weak passwords as the key is generated using your password and if it isn't long enough. The only real fear of wireless is snooping/using your connection. The weak passwords is easily solved and the unencrypted control traffic is not a problem in this case.
    Using IPSEC when PPTP is available for home use pointlessly complicates things. IPSEC undoubtably has its place as it can be very powerfull and secure when implemented properly, but it is overkill for home and even most small office use.
    Maybe i overstated how weak it was, although as with most things they are only as strong as the weakest link and although people say that its easy to overcome the problem of weak passwords by making them longer, in truth how many people actually listen to this? If everyone did then it would no longer be an issue.

    I know that vpn may be overkill for your average home user, but i have my reasons...In an ideal world, i would use wpa, a nice long password that couldn't be cracked without serious attention, while also being easy to implement, however i live in a student house where people don't all have cards that allow wpa, they are too stingy to upgrade and i have also found interoperability problems with getting encryption to work at all with some of them. therefore I chose a route that took the security issues away from the card - openvpn

  15. #15
    Senior Member
    Join Date
    Dec 2005
    Location
    Ilkeston
    Posts
    381
    Thanks
    18
    Thanked
    9 times in 7 posts
    • Pazza's system
      • Motherboard:
      • Asus P5Q Pro
      • CPU:
      • Intel Core2 Quad Q6600
      • Memory:
      • 4.00 GB
      • Storage:
      • 1x 640GB & 2x 1TB drives
      • Graphics card(s):
      • PowerColor HD 4870 512MB GDDR5 Dual DVI HDTV
      • Case:
      • Antec P180
      • Operating System:
      • Vista x64 & Windows 7 Ultimate
      • Monitor(s):
      • Dell 24" (2408)
    Ok, there are lots of leads here now - thanks. I am having to secure a web-server when I implement an online task tracking/time capture system.

  16. #16
    Registered+
    Join Date
    Dec 2005
    Posts
    40
    Thanks
    0
    Thanked
    0 times in 0 posts
    You really should be using WPA2, you will need an update for winXP

    http://www.microsoft.com/downloads/d...displaylang=en

    (Link from http://support.microsoft.com/?id=893357)

    I can even use WPA2 on an old intel 2100 b miniPCI card

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. HEXUS.guides :: Wireless security
    By Steve in forum HEXUS Reviews
    Replies: 5
    Last Post: 19-09-2005, 07:23 PM
  2. wireless security
    By garyb in forum Apple Mac
    Replies: 22
    Last Post: 05-04-2005, 09:35 AM
  3. wireless security.....
    By JimmyBoy in forum Networking and Broadband
    Replies: 3
    Last Post: 29-03-2005, 10:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •