I thought WEP key security was the better solution but I always seem to have problems when using different devices - I never seem to have this problem with PSK. What is supposed to be the best security?
I thought WEP key security was the better solution but I always seem to have problems when using different devices - I never seem to have this problem with PSK. What is supposed to be the best security?
SSID off, WPA Key with Mac filtering is generally what I use
no encryption on the wireless, firewalled access at the router blocking everything except a vpn port....
secure the vpn
Now that sounds an interesting alternative - I will have to look into that
Originally Posted by pak000
Any links with info on this mate?
HEXUS believes no one person has a monopoly on ideas, and that your opinion matters.
the best place i would say to start is www.openvpn.net, although windows comes inclusive with a vpn client, its not particularly great, certainly steer clear of pptp implementations as they are weak and can easily be broken, IPSEC is good, but complicated to set up and can have its quirks with hardware despite it having a standard
Openvpn is a seperate program that can run as both a client and server
Its is
a) free
b) compatible on most os's
c) encrypts data in 3 different ways, blowfish 3des and aes
d) relatively simple to set up
also (from a quick google)...
http://www.wi-fiplanet.com/tutorials...le.php/3484186
http://www.jeroen.se/articles/wifi.php
http://www.informit.com/articles/art...?p=387173&rl=1
Last edited by pak000; 16-12-2005 at 10:17 AM.
Can you find me examples of how to break the current Microsoft PPTP?Originally Posted by pak000
The only real weakneses is the control reaffic is unencrypted allowing potential DoS, and using weak passwords as the key is generated using your password and if it isn't long enough. The only real fear of wireless is snooping/using your connection. The weak passwords is easily solved and the unencrypted control traffic is not a problem in this case.
Using IPSEC when PPTP is available for home use pointlessly complicates things. IPSEC undoubtably has its place as it can be very powerfull and secure when implemented properly, but it is overkill for home and even most small office use.
"In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."
^^ What he said
the level to which you protect your wireless segment shoudl depend ont he percieved sensetivity of the data you want to protect.
If you just want to prevent casual piggybacking of your DSL line then WPA with a reasonable length key should be sufficient.
In a larger network , treating wireless clients as if they where connecting from an external source ( ie keep them on their own DMZ that will then require some form of encrypted authentication to access the internal resources ) is a better idea
my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net
You should try and crack your own network. Then you wont be so worried.
I've heard that wpa can be done quickly now, and while i know wpa is enough for most wannabe hackers I really just want to learn about network security, so may go down the openvpn route anyone got more links? Ta.
Oh and opensource would be great for just playing, unless my old machine with win2k on could be used, really can't afford routing software tho.
Last edited by Fidley; 17-12-2005 at 12:37 AM.
HEXUS believes no one person has a monopoly on ideas, and that your opinion matters.
What kind of network are you looking to secure? Home or corporate?
WEP is breakable in minutes these days. SSIDs are part of the unencrypted packet headers so disabling SSID broadcast isn't increasing security. MAC addresses are easily spoofed.
WPA-PSK is decent for a home network. VPN is better for a corporate WLAN, but a VPN is only as secure as its clients, so lock down the access too.
It's only a home network, but as i said i want to learn about it really.
HEXUS believes no one person has a monopoly on ideas, and that your opinion matters.
Maybe i overstated how weak it was, although as with most things they are only as strong as the weakest link and although people say that its easy to overcome the problem of weak passwords by making them longer, in truth how many people actually listen to this? If everyone did then it would no longer be an issue.Originally Posted by badass
I know that vpn may be overkill for your average home user, but i have my reasons...In an ideal world, i would use wpa, a nice long password that couldn't be cracked without serious attention, while also being easy to implement, however i live in a student house where people don't all have cards that allow wpa, they are too stingy to upgrade and i have also found interoperability problems with getting encryption to work at all with some of them. therefore I chose a route that took the security issues away from the card - openvpn
Ok, there are lots of leads here now - thanks. I am having to secure a web-server when I implement an online task tracking/time capture system.
You really should be using WPA2, you will need an update for winXP
http://www.microsoft.com/downloads/d...displaylang=en
(Link from http://support.microsoft.com/?id=893357)
I can even use WPA2 on an old intel 2100 b miniPCI card
There are currently 1 users browsing this thread. (0 members and 1 guests)