Wireless Network Security...help!
#1
Mr. Sparkle!
Thread Starter
Join Date: Nov 2005
Location: Wiltshire - swindon
Posts: 12,775
Likes: 0
Received 0 Likes
on
0 Posts
![Default](https://passionford.com/forum/images/icons/icon1.gif)
Right guys, had to Set up a new Network as my last one went tits up, well the routor did...
I need to know which is the best security out of this list...
WPA-PSK (no server)
128bit WEP
64bit WEP
WPA (with radius server)
this all means fuck all too me...help!
I need to know which is the best security out of this list...
WPA-PSK (no server)
128bit WEP
64bit WEP
WPA (with radius server)
this all means fuck all too me...help!
![Surprised](https://passionford.com/forum/images/smilies/bigcry.gif)
#7
Advanced PassionFord User
Join Date: Jun 2003
Location: Maldon, Essex
Posts: 1,668
Likes: 0
Received 0 Likes
on
0 Posts
![Default](https://passionford.com/forum/images/icons/icon1.gif)
depends on what you have the other side of this wireless network mate. wep takes about 8 seconds to crack if someone wanted to. WPA is where to go but a lot of slightly older devices dont support it.
Trending Topics
#8
Advanced PassionFord User
Join Date: Jun 2003
Location: Maldon, Essex
Posts: 1,668
Likes: 0
Received 0 Likes
on
0 Posts
![Default](https://passionford.com/forum/images/icons/icon1.gif)
this might help.
WEP vs WPA
Ive been asked by a few friends lately about securing their networks and whether it really matters if they use WEP or WPA.
I will go over briefly what each is, and what the major differences are.
WEP:
Wired Equivalent Privacy. Originally intended to give you the same or similar level of security as on a wired network, but it didnt quite work out that way.
In basic laymans terms, WEP works by using secret keys, or codes to encrypt data. The Access Point and the client must know the codes in order for it to function. It uses either 64 bit or 128 bit keys, though the added security from the larger number isnt as much as you would think.
The actual user keys (codes) are 40 bits and 104 bits, with the extra 24 bits used by something called the Intialization Vector (IV).
The encryption is created by taking the IV and randomizing it for each packet, while keeping the secret code the same. The AP and the client decrypt and retrieve the message/data and all is right in the world, in theory.
Problems:
* There is no limit on using the same IV value more than once. This makes the encryption vulnerable to collision-based attacks.
* Because the IV is only 24 bits, there are only ~16.7 million possible variations. Sounds like a lot, but its quite small in the cryptography world.
* Master keys are used directly, when they should instead be used to generate other temporary keys.
* Users dont change their keys very often on most networks, giving attackers ample time to try various techniques.
If you have nothing else, WEP is better than nothing of course, but I wouldnt trust extremely sensitive data with it.
WPA:
Wifi Protected Access. It bridges the gap between WEP and the upcoming 802.11i standard, and is implementable via firmware upgrades in older hardware. WPA uses Temporal Key Integrity Protocol (or TKIP), which is designed to alow WEP to be upgraded through corrective measures that address the existing security problems.
Advantages over WEP:
* IV length has increased to 48 bits from 24 bits, which allows WPA to achieve over 500 trillion possible key combinations.
* IVs are now better protected through the use of the TSC, or TKIP sequence counter, helping to prevent the re-use of IV keys.
* Master keys are never directly used.
* Better key management
* Impressive message integrity checking
I have not gone into the Enterprise level of WPA, which is actually intended to be used with something called a RADIUS server for access control. Most home users use what is called WPA-PSK, which is for use on smaller networks that need good security without the extra cost and configuration. WPA and WPA-PSK use the same encryption methods, however.
Future:
WPA2 (802.11i):
WPA2 features upgrades to WPA to make it even more secure.
* WPA2 uses AES (Advanced Encryption Standard) to provide stronger encryption.
* There are specific solutions for Enterprise and Personal use. Enterprise uses IEEE 802.1X and EAP to provide authentication. Personal uses a pre-shared key, or password.
* WPA2 still creates new session keys for every assocation, the benefit over WPA being that the keys used for each client on the network are unique and specific to that client. Every packet sent over the air is encrypted with a unique key and avoids re-use.
WEP vs WPA
Ive been asked by a few friends lately about securing their networks and whether it really matters if they use WEP or WPA.
I will go over briefly what each is, and what the major differences are.
WEP:
Wired Equivalent Privacy. Originally intended to give you the same or similar level of security as on a wired network, but it didnt quite work out that way.
In basic laymans terms, WEP works by using secret keys, or codes to encrypt data. The Access Point and the client must know the codes in order for it to function. It uses either 64 bit or 128 bit keys, though the added security from the larger number isnt as much as you would think.
The actual user keys (codes) are 40 bits and 104 bits, with the extra 24 bits used by something called the Intialization Vector (IV).
The encryption is created by taking the IV and randomizing it for each packet, while keeping the secret code the same. The AP and the client decrypt and retrieve the message/data and all is right in the world, in theory.
Problems:
* There is no limit on using the same IV value more than once. This makes the encryption vulnerable to collision-based attacks.
* Because the IV is only 24 bits, there are only ~16.7 million possible variations. Sounds like a lot, but its quite small in the cryptography world.
* Master keys are used directly, when they should instead be used to generate other temporary keys.
* Users dont change their keys very often on most networks, giving attackers ample time to try various techniques.
If you have nothing else, WEP is better than nothing of course, but I wouldnt trust extremely sensitive data with it.
WPA:
Wifi Protected Access. It bridges the gap between WEP and the upcoming 802.11i standard, and is implementable via firmware upgrades in older hardware. WPA uses Temporal Key Integrity Protocol (or TKIP), which is designed to alow WEP to be upgraded through corrective measures that address the existing security problems.
Advantages over WEP:
* IV length has increased to 48 bits from 24 bits, which allows WPA to achieve over 500 trillion possible key combinations.
* IVs are now better protected through the use of the TSC, or TKIP sequence counter, helping to prevent the re-use of IV keys.
* Master keys are never directly used.
* Better key management
* Impressive message integrity checking
I have not gone into the Enterprise level of WPA, which is actually intended to be used with something called a RADIUS server for access control. Most home users use what is called WPA-PSK, which is for use on smaller networks that need good security without the extra cost and configuration. WPA and WPA-PSK use the same encryption methods, however.
Future:
WPA2 (802.11i):
WPA2 features upgrades to WPA to make it even more secure.
* WPA2 uses AES (Advanced Encryption Standard) to provide stronger encryption.
* There are specific solutions for Enterprise and Personal use. Enterprise uses IEEE 802.1X and EAP to provide authentication. Personal uses a pre-shared key, or password.
* WPA2 still creates new session keys for every assocation, the benefit over WPA being that the keys used for each client on the network are unique and specific to that client. Every packet sent over the air is encrypted with a unique key and avoids re-use.
#10
![Default](https://passionford.com/forum/images/icons/icon1.gif)
you can set up a basic 64bit wep and mac filtering... this will only allow certain devices to connect to the router...
You will have a mac address on the wireless card... looks similar to this
e.g:
a1:d5:9o:mn:cy:a8
youd then set the router so it will only allow that device to connect to it
You will have a mac address on the wireless card... looks similar to this
e.g:
a1:d5:9o:mn:cy:a8
youd then set the router so it will only allow that device to connect to it
Thread
Thread Starter
Forum
Replies
Last Post
Stu @ M Developments
General Car Related Discussion.
41
21-08-2015 06:47 AM