Security, WEP, WPA etc

Discussion in 'Wireless Networking' started by Nick Le Lievre, Feb 27, 2007.

  1. I use WEP on my network currently becuase when I tried to setup WPA or WPA2
    it needed a Radius server which I don't have. Is there anyway I can setup
    something better then WEP without needing a Radius server can someone give
    me instructions?

    WEP is better then nothing as there is a person in my neighbourhood who has
    the same wireless router as me supplied by the same ISP who has only
    followed the basic instuctions to get his router on the Internet ie enter
    ISP username and password he hasn't changed anything else on the router.
    Therefore I can see his unsecured network SSID using default name and
    connect to it and get an IP address via DHCP I can even log into his router
    as he hasn't changed the password.

    Everything is the same as mine was out of the box, I don't know exactly
    where the signal is coming from so I can't knock on his door and show him
    how to secure it but it must be some distance away as I`m getting about
    665mbit/s downstream 380mbit/s up and he's got a 2mbit/s connection like
    mine (I live on an estate with about 70 flats all around). There is no point
    me leeching off his line because a) I pay for my own broadband connection b)
    I get the full 2mbit/s in my home c) his SSID is not always available so I
    guess he must turn it off which would leave it unavailable for leeching at
    times

    Its not that having someone leeching off your line is particular dangerous
    its if your running file and print services (which he is not and neither am
    I) is when it could be more dangerous although still probably not that bad
    as he's not doing anything important with computers otherwise his network
    would be secure (I hope). Still to have the power to change his router
    password, leech off him and generally mess with his connection is not a good
    thing to have in just anybodies hands I literally own him right now.

    Trouble is when you get people who are not familiar with wireless networking
    taking the self-install option off the ISP and only doing the minimum
    required to get themselves up and running becuase they either can't be
    bothered to configure it any further becuase a) they switch it off after use
    so people can't leech off them all day b) they just don't know how or forgot
    how to log into the routers web configuration and make changes.

    First thing I did when I got mine was change the routers password, get WEP
    security in place, change my SSID, change the default IP address of the
    router, change the default scope of the DHCP, and add my laptops MAC address
    to the DHCP static table but as I say I would like to use something better
    then WEP as its not impossible to break, but if WPA is only available if you
    have radius servers then I`ll stick with WEP.
     
    Nick Le Lievre, Feb 27, 2007
    #1
    1. Advertising

  2. Hi
    WPA or WPA-AES (WPA2) do not need any RADIUS server.
    All new 802.11b/g model can do WPA-PSK and many of them can do WPA-AES
    (WPA2).
    There is (USA price) devices (Access Points and Client cards) for less than
    $40 each, capable of WPA-AES.
    From the weakest to the Strongest.
    No Security
    MAC
    WEP
    WPA-PSK
    WPA-AES
    WPA2
    -------------------------------------------
    Wireless Security - <http://www.ezlan.net/Wireless_Security.html>
    WEP, WPA, and the Future - <http://www.ezlan.net/wpa_wep.html>
    The security must be set according to lowest capable Wireless component.
    I.e. even most of you Wireless are capable to do WPA2, but one device is
    only capable to do WEP, the whole system must be configured to WEP.
    Jack (MVP-Networking).


    "Nick Le Lievre" <> wrote in message
    news:45e465f0$0$26695$...
    >I use WEP on my network currently becuase when I tried to setup WPA or WPA2
    >it needed a Radius server which I don't have. Is there anyway I can setup
    >something better then WEP without needing a Radius server can someone give
    >me instructions?
    >
    > WEP is better then nothing as there is a person in my neighbourhood who
    > has the same wireless router as me supplied by the same ISP who has only
    > followed the basic instuctions to get his router on the Internet ie enter
    > ISP username and password he hasn't changed anything else on the router.
    > Therefore I can see his unsecured network SSID using default name and
    > connect to it and get an IP address via DHCP I can even log into his
    > router as he hasn't changed the password.
    >
    > Everything is the same as mine was out of the box, I don't know exactly
    > where the signal is coming from so I can't knock on his door and show him
    > how to secure it but it must be some distance away as I`m getting about
    > 665mbit/s downstream 380mbit/s up and he's got a 2mbit/s connection like
    > mine (I live on an estate with about 70 flats all around). There is no
    > point me leeching off his line because a) I pay for my own broadband
    > connection b) I get the full 2mbit/s in my home c) his SSID is not always
    > available so I guess he must turn it off which would leave it unavailable
    > for leeching at times
    >
    > Its not that having someone leeching off your line is particular dangerous
    > its if your running file and print services (which he is not and neither
    > am I) is when it could be more dangerous although still probably not that
    > bad as he's not doing anything important with computers otherwise his
    > network would be secure (I hope). Still to have the power to change his
    > router password, leech off him and generally mess with his connection is
    > not a good thing to have in just anybodies hands I literally own him right
    > now.
    >
    > Trouble is when you get people who are not familiar with wireless
    > networking taking the self-install option off the ISP and only doing the
    > minimum required to get themselves up and running becuase they either
    > can't be bothered to configure it any further becuase a) they switch it
    > off after use so people can't leech off them all day b) they just don't
    > know how or forgot how to log into the routers web configuration and make
    > changes.
    >
    > First thing I did when I got mine was change the routers password, get WEP
    > security in place, change my SSID, change the default IP address of the
    > router, change the default scope of the DHCP, and add my laptops MAC
    > address to the DHCP static table but as I say I would like to use
    > something better then WEP as its not impossible to break, but if WPA is
    > only available if you have radius servers then I`ll stick with WEP.
    >
     
    Jack \(MVP-Networking\)., Feb 27, 2007
    #2
    1. Advertising

  3. "Jack (MVP-Networking)." <> wrote in message
    news:...
    > Hi
    > WPA or WPA-AES (WPA2) do not need any RADIUS server.
    > All new 802.11b/g model can do WPA-PSK and many of them can do WPA-AES
    > (WPA2).
    > There is (USA price) devices (Access Points and Client cards) for less
    > than $40 each, capable of WPA-AES.
    > From the weakest to the Strongest.
    > No Security
    > MAC
    > WEP
    > WPA-PSK
    > WPA-AES
    > WPA2


    In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK stands
    for Pre-Shared Key but what is a pre-shared key and how do I create one?
     
    Nick Le Lievre, Feb 27, 2007
    #3
  4. "Nick Le Lievre" <> wrote in message
    news:45e472a9$0$26694$...
    > "Jack (MVP-Networking)." <> wrote in message
    > news:...
    >> Hi
    >> WPA or WPA-AES (WPA2) do not need any RADIUS server.
    >> All new 802.11b/g model can do WPA-PSK and many of them can do WPA-AES
    >> (WPA2).
    >> There is (USA price) devices (Access Points and Client cards) for less
    >> than $40 each, capable of WPA-AES.
    >> From the weakest to the Strongest.
    >> No Security
    >> MAC
    >> WEP
    >> WPA-PSK
    >> WPA-AES
    >> WPA2

    >
    > In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK
    > stands for Pre-Shared Key but what is a pre-shared key and how do I create
    > one?


    and in my 3945ABG settings I have options for WPA-TKIP, WPA-AES-CCMP, WPA2
    TKIP and WPA2 AES-CCMP.... if I had my router set to WPA-PSK or WPA2-PSK
    would I have to set the 3945abg to WPA-TKIP or WPA2-TKIP in order to connect
    and tell me how I create a pre-shared key
     
    Nick Le Lievre, Feb 27, 2007
    #4
  5. Hi
    Usually by entering a passphrase that creates a key.
    Read your Router's manual.
    Jack (MVP-Networking).

    "Nick Le Lievre" <> wrote in message
    news:45e472a9$0$26694$...
    > "Jack (MVP-Networking)." <> wrote in message
    > news:...
    >> Hi
    >> WPA or WPA-AES (WPA2) do not need any RADIUS server.
    >> All new 802.11b/g model can do WPA-PSK and many of them can do WPA-AES
    >> (WPA2).
    >> There is (USA price) devices (Access Points and Client cards) for less
    >> than $40 each, capable of WPA-AES.
    >> From the weakest to the Strongest.
    >> No Security
    >> MAC
    >> WEP
    >> WPA-PSK
    >> WPA-AES
    >> WPA2

    >
    > In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK
    > stands for Pre-Shared Key but what is a pre-shared key and how do I create
    > one?
    >
     
    Jack \(MVP-Networking\)., Feb 27, 2007
    #5
  6. Nick Le Lievre

    Lem Guest

    Nick Le Lievre wrote:
    > "Nick Le Lievre" <> wrote in message
    > news:45e472a9$0$26694$...
    >> "Jack (MVP-Networking)." <> wrote in message
    >> news:...
    >>> Hi
    >>> WPA or WPA-AES (WPA2) do not need any RADIUS server.
    >>> All new 802.11b/g model can do WPA-PSK and many of them can do WPA-AES
    >>> (WPA2).
    >>> There is (USA price) devices (Access Points and Client cards) for less
    >>> than $40 each, capable of WPA-AES.
    >>> From the weakest to the Strongest.
    >>> No Security
    >>> MAC
    >>> WEP
    >>> WPA-PSK
    >>> WPA-AES
    >>> WPA2

    >> In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK
    >> stands for Pre-Shared Key but what is a pre-shared key and how do I create
    >> one?

    >
    > and in my 3945ABG settings I have options for WPA-TKIP, WPA-AES-CCMP, WPA2
    > TKIP and WPA2 AES-CCMP.... if I had my router set to WPA-PSK or WPA2-PSK
    > would I have to set the 3945abg to WPA-TKIP or WPA2-TKIP in order to connect
    > and tell me how I create a pre-shared key
    >
    >


    TKIP, AES, and AES-CCMP are different encryption schemes, in order from
    weaker to stronger. If WPA doesn't specify, then it is WPA (TKIP). You
    have to use the same encryption scheme on both sides of the link (router
    and wireless adapter).

    Pre-sharing a key means that you manually have to set the "key" or
    "passphrase" both in the router and in the wireless adapter. Set up
    encryption in the router first and then setup the wireless adapter,
    using either the configuration utility that came with the adapter or
    using Windows XP Wireless Zero Configuration.

    IMPORTANT: Make sure that the box for "Enable IEEE 802.1x authentication
    for this network" is NOT checked:
    In Network Connections, click the wireless connection, and then, under
    Network Tasks, click Change settings of this connection. On the Wireless
    Networks tab, click a wireless network in the list, and then click
    Properties. On the Authentication tab, make sure that the "Enable IEEE
    802.1x authentication for this network" check box is NOT selected.
    (see
    http://screenshots.modemhelp.net/sc...less_Networks/Properties/Authentication.shtml)



    --
    Lem MS MVP -- Networking

    To the moon and back with 64 Kbits of RAM and 512 Kbits of ROM.
    http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
     
    Lem, Feb 27, 2007
    #6
  7. "Jack (MVP-Networking)." <> wrote in message
    news:...
    > Hi
    > Usually by entering a passphrase that creates a key.
    > Read your Router's manual.
    > Jack (MVP-Networking).
    >


    I created a 13 character passphrase and used WPA2-PKS when I tried to
    connect it asked for the security passphrase and I entered my 13 character
    passphrase and that was it - connecting to it was much the same as using a
    WEP key and it now says Authentication Level: WPA2-Personal Encryption Type:
    AES - CCMP . However now I notice a decrease in my broadband speed... I went
    to adslguide.org.uk and it said the downstream was about 580kbit/s and then
    I tried to download something and it never went above 70kb/s whereas before
    I was getting 228kb/s. Question does setting WPA2-PKS have affect on
    broadband performance?
     
    Nick Le Lievre, Feb 27, 2007
    #7
  8. Hi
    Security involves encryption that take processing power, the decrease of WEP
    use to be noticeable. WPA decrease is usually not noticeable since it is
    within the margin of the regular fluctuation that is common to Wireless
    connection.
    The decrease that you indicated seems to be something else, or very low
    quality hardware.
    Jack (MVP-Networking).

    "Nick Le Lievre" <> wrote in message
    news:45e48902$0$26698$...
    > "Jack (MVP-Networking)." <> wrote in message
    > news:...
    >> Hi
    >> Usually by entering a passphrase that creates a key.
    >> Read your Router's manual.
    >> Jack (MVP-Networking).
    >>

    >
    > I created a 13 character passphrase and used WPA2-PKS when I tried to
    > connect it asked for the security passphrase and I entered my 13 character
    > passphrase and that was it - connecting to it was much the same as using a
    > WEP key and it now says Authentication Level: WPA2-Personal Encryption
    > Type: AES - CCMP . However now I notice a decrease in my broadband
    > speed... I went to adslguide.org.uk and it said the downstream was about
    > 580kbit/s and then I tried to download something and it never went above
    > 70kb/s whereas before I was getting 228kb/s. Question does setting
    > WPA2-PKS have affect on broadband performance?
    >
     
    Jack \(MVP-Networking\)., Feb 27, 2007
    #8
  9. "Jack (MVP-Networking)." <> wrote in message
    news:%...
    > Hi
    > Security involves encryption that take processing power, the decrease of
    > WEP use to be noticeable. WPA decrease is usually not noticeable since it
    > is within the margin of the regular fluctuation that is common to Wireless
    > connection.
    > The decrease that you indicated seems to be something else, or very low
    > quality hardware.
    > Jack (MVP-Networking).
    >


    Yeah I reckon its something else maybe peak time of usage at my ISP as I
    disabled WPA2 and went back to unsecured and run another test and it was
    still a long ways off what I usually expect. Although I`ve not noticed
    before it seems my ISP are incapable of guaranteeing a 2mbit/s connection
    probably something to do with the 50:1 contention ratio. I`ll check again
    later or tommorow during working hours to see if its back up to around
    2mbit/s speed.
     
    Nick Le Lievre, Feb 27, 2007
    #9
  10. Nick Le Lievre

    Jim Guest

    "Nick Le Lievre" <> wrote in message
    news:45e4743c$0$26695$...
    > "Nick Le Lievre" <> wrote in message
    > news:45e472a9$0$26694$...
    >> "Jack (MVP-Networking)." <> wrote in message
    >> news:...
    >>> Hi
    >>> WPA or WPA-AES (WPA2) do not need any RADIUS server.
    >>> All new 802.11b/g model can do WPA-PSK and many of them can do WPA-AES
    >>> (WPA2).
    >>> There is (USA price) devices (Access Points and Client cards) for less
    >>> than $40 each, capable of WPA-AES.
    >>> From the weakest to the Strongest.
    >>> No Security
    >>> MAC
    >>> WEP
    >>> WPA-PSK
    >>> WPA-AES
    >>> WPA2

    >>
    >> In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK
    >> stands for Pre-Shared Key but what is a pre-shared key and how do I
    >> create one?

    >
    > and in my 3945ABG settings I have options for WPA-TKIP, WPA-AES-CCMP, WPA2
    > TKIP and WPA2 AES-CCMP.... if I had my router set to WPA-PSK or WPA2-PSK
    > would I have to set the 3945abg to WPA-TKIP or WPA2-TKIP in order to
    > connect and tell me how I create a pre-shared key
    >

    The fine manual tells you how to do set the various types.
    Jim
     
    Jim, Feb 27, 2007
    #10
  11. "Jim" <> wrote in message
    news:ux1Fh.1375$...
    >>> In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK
    >>> stands for Pre-Shared Key but what is a pre-shared key and how do I
    >>> create one?

    >>
    >> and in my 3945ABG settings I have options for WPA-TKIP, WPA-AES-CCMP,
    >> WPA2 TKIP and WPA2 AES-CCMP.... if I had my router set to WPA-PSK or
    >> WPA2-PSK would I have to set the 3945abg to WPA-TKIP or WPA2-TKIP in
    >> order to connect and tell me how I create a pre-shared key
    >>

    > The fine manual tells you how to do set the various types.
    > Jim


    Its ok thanks to the instructions here I`m all set once I set WPA2-PKS on
    the router and entered a key (I used a 13 character key like WEP 128) I was
    able to connect on my laptop and it automatically set AES CCMP as the
    encryption not TKIP. So looks like I have maximum security possible outside
    of using a radius server which I suppose is better still. Now if I hadn't
    noticed how slow my broadband connection is getting then I would be really
    happy... it goes down to what you might expect from a 512kbit/s connection
    considering the upgrade to 2mbit/s was a free one from 512kbit/s I`m not too
    unhappy its still as good as a 512kbit/s connection in worse case scenario.
     
    Nick Le Lievre, Feb 27, 2007
    #11
  12. Nick Le Lievre

    Jim Guest

    "Nick Le Lievre" <> wrote in message
    news:45e4a685$0$26699$...
    > "Jim" <> wrote in message
    > news:ux1Fh.1375$...
    >>>> In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK
    >>>> stands for Pre-Shared Key but what is a pre-shared key and how do I
    >>>> create one?
    >>>
    >>> and in my 3945ABG settings I have options for WPA-TKIP, WPA-AES-CCMP,
    >>> WPA2 TKIP and WPA2 AES-CCMP.... if I had my router set to WPA-PSK or
    >>> WPA2-PSK would I have to set the 3945abg to WPA-TKIP or WPA2-TKIP in
    >>> order to connect and tell me how I create a pre-shared key
    >>>

    >> The fine manual tells you how to do set the various types.
    >> Jim

    >
    > Its ok thanks to the instructions here I`m all set once I set WPA2-PKS on
    > the router and entered a key (I used a 13 character key like WEP 128) I
    > was able to connect on my laptop and it automatically set AES CCMP as the
    > encryption not TKIP. So looks like I have maximum security possible
    > outside of using a radius server which I suppose is better still. Now if I
    > hadn't noticed how slow my broadband connection is getting then I would be
    > really happy... it goes down to what you might expect from a 512kbit/s
    > connection considering the upgrade to 2mbit/s was a free one from
    > 512kbit/s I`m not too unhappy its still as good as a 512kbit/s connection
    > in worse case scenario.
    >

    The encryption only applies to the transfers between the router and the
    computer. Encryption of course involves some overhead, and thus it does
    slow down the transfers between the outside world and the computer.

    If you are experiencing a large slowdown in your broadband connection, the
    problem more than likely is the result of overloading of the ISPs computers.

    Jim
     
    Jim, Feb 28, 2007
    #12
  13. "Jim" <> wrote in message
    news:Ih4Fh.47$...
    >
    > "Nick Le Lievre" <> wrote in message
    > news:45e4a685$0$26699$...
    >> "Jim" <> wrote in message
    >> news:ux1Fh.1375$...
    >>>>> In my router config I got WPA, WPA-PSK, WPA2 & WPA2-PSK. I guess PSK
    >>>>> stands for Pre-Shared Key but what is a pre-shared key and how do I
    >>>>> create one?
    >>>>
    >>>> and in my 3945ABG settings I have options for WPA-TKIP, WPA-AES-CCMP,
    >>>> WPA2 TKIP and WPA2 AES-CCMP.... if I had my router set to WPA-PSK or
    >>>> WPA2-PSK would I have to set the 3945abg to WPA-TKIP or WPA2-TKIP in
    >>>> order to connect and tell me how I create a pre-shared key
    >>>>
    >>> The fine manual tells you how to do set the various types.
    >>> Jim

    >>
    >> Its ok thanks to the instructions here I`m all set once I set WPA2-PKS on
    >> the router and entered a key (I used a 13 character key like WEP 128) I
    >> was able to connect on my laptop and it automatically set AES CCMP as the
    >> encryption not TKIP. So looks like I have maximum security possible
    >> outside of using a radius server which I suppose is better still. Now if
    >> I hadn't noticed how slow my broadband connection is getting then I would
    >> be really happy... it goes down to what you might expect from a 512kbit/s
    >> connection considering the upgrade to 2mbit/s was a free one from
    >> 512kbit/s I`m not too unhappy its still as good as a 512kbit/s connection
    >> in worse case scenario.
    >>

    > The encryption only applies to the transfers between the router and the
    > computer. Encryption of course involves some overhead, and thus it does
    > slow down the transfers between the outside world and the computer.
    >
    > If you are experiencing a large slowdown in your broadband connection, the
    > problem more than likely is the result of overloading of the ISPs
    > computers.
    >


    Yeah it looks like during the evening when everybodies at home the broadband
    slows down to 512kbit/s levels well below optimal 512kbit/s levels but
    during the day when everybodies at work its back up at 1670kbit/s downstream
    I just checked. I never noticed this untill last night.
     
    Nick Le Lievre, Feb 28, 2007
    #13
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. DRK

    WPA or WEP-128bit for Home Wireless?

    DRK, Jun 30, 2004, in forum: Wireless Networking
    Replies:
    13
    Views:
    27,255
    lightmyfire
    Oct 10, 2008
  2. Johnny
    Replies:
    11
    Views:
    3,102
    Cerebrus
    Aug 4, 2006
  3. kharnal
    Replies:
    1
    Views:
    659
    Malke
    Jan 11, 2007
  4. Replies:
    5
    Views:
    3,286
    Pavel A.
    Apr 11, 2008
  5. ufdragon
    Replies:
    0
    Views:
    1,431
    ufdragon
    Mar 30, 2012
Loading...

Share This Page