Protection: WAP or WEP and WHY? (1 Viewer)

[Angelo.M]

Can someone give me a quick rundown on the difference? I currently use WEP, I cancelled SSID broadcasting and I restricted MAC addresses. I only know enough about this stuff to be dangerous, however.

Should I be WAPping instead of WEPping?

 

[Patrick Sun]

Do you see anyone else tapped into your wireless router? If not, just continue on with your present setup.

 

[Scott Merryfield]

Actually, it's WPA, not WAP. WEP uses a static encryption key that can be decrypted within about 20-30 minutes if someone did happen to discover your wireless LAN (less likely with SSID broadcast turned off, but it still can be done). WPA changes the encryption key every so often so that the utilities used to discover WEP encryption keys do not work with WPA, making it more secure. The downside to WPA is that some devices do not yet support it.

If you disabled your SSID broadcast, you are pretty safe. Also, limiting your DHCP scope to the known MAC addresses on your network also helps -- it sounds like you have done that, too.

Considering that the vast majority of people who purchase home wireless equipment never turn on any security features, your wireless network is more secure than most. I work in IT -- data and voice networking specifically -- and I am amazed at the number of people within my own IT department who buy home wireless networks and just plug it in with no security setup.

 

[ScottHH]

I can get the WEP to work, but when I turn off the SSID broadcast, my wireless card cannot find the router. Any ideas?

 

[Scott Merryfield]

I have the same problem with the Dlink equipment I'm using, so I am forced to leave the SSID broadcast turned on. That's why I use WPA instead of WEP for the encryption access method.

You could check to see if there are updated drivers available for your wireless adapter or firmware updates for your wireless router. Also, try using a short preamble setting in the wireless setup. In my case, Dlink has not issued any driver updates for the PCI adapter (and they only support WEP with the existing driver). So, I am using Windows XP to manage my wireless adapter -- SP2 includes support for WPA.

 

[Scott L]

Hope I'm not sidetracking but how many wireless acces points do you guys have? I plan to get a wireless 802.11g router for upstairs. Will it reach fine all the way to the basement at 2.4ghz?

 

[Scott Merryfield]

I just have the one combo router/hub/access point. It is located on the first floor, and the wireless PC is on the second floor. After playing with coverage issues for awhile, the connection is now pretty stable.

Coverage through two floors will depend on house construction and interference with other 2.4GHz devices. I would definitely try it with a single access point before trying to install a second one.

 

[ScottHH]

So from what I understand, Angelo is using a fairly secure set up. Angelo, what hardware and operating system are you using?

I have linksys and Scott M has DLink. With these routers you need to have XP SP2 (and allow XP to manage the wireless adapter) if you want to use the more robust WPA. Is this correct?

Since my laptop is running Win 98, the best I can do is WEP with SSID broadcast on:frowning:.

Scott L, I have a Linksys 802.11b wireless router, and it works throughout a one story house and outside on the patio. If you cannot get coverage from the 2nd floor through to the basement, perhaps you can set up the router on the central 1st floor?

It is kind of interesting, I got more concerned about security when I was in the room furthest from the router, and I picked up my router, and a faint signal from a neighbor's. I went back to that spot today, and now I see two other routers. One is called linksys and the other belkin54g. Neither is using any security whatsoever.

 

[Scott Merryfield]

That is definitely the case with the Dlink PCI wireless adapter I'm using -- I am not sure about Linksys. You probably have a better chance of Linksys updating their adapter drivers to include WPA support in the future, since Cisco Systems has owned Linksys for over a year (which should translate to better tech support than Dlink).

 

[Angelo.M]

How would I be able to "see" them?

Thanks to everyone who responded in this thread. Very helpful. Sounds like I don't need to make any changes for the time being.

 

[ScottHH]

I don't know about the Netgear, but I can access the Linksys router with its IP address (which I have bookmarked). In the router settings I can see the DHCP Clients Active IP Table, which shows me all of the computers that are on the network. You could also enable the log, and go through it to see if any additional computers (ID'd by an additionalLAN IP) was making requests to any destinations you don't recognize.

 

[SethH]

Yeah, Scott's right. There's a log of users somewhere in the setup stuff. That brings up another good point . . . if you have an web-based setup (like the Linksys) make sure you change the default password. For Linksys the default is no user name and "admin" as the p/w. This is extremely common knowledge and should be changed immediately!