WPA or WEP-128bit for Home Wireless?

Discussion in 'Wireless Networking' started by DRK, Jun 30, 2004.

  1. DRK

    DRK Guest


    I just setup a home wireless network using NetGear WGR614
    wireless router and WGB511 PCMCIA card on XP Pro. My
    question is should I take the extra leap and implement WAP
    Security or would a WEP-128bit security be more than
    sufficient for a home environment?

    The answer carries a lot of signifance for my decision
    because the WGB511 card that I got would not let me
    upgrade to a new version of the driver that has WAP
    support. And if the recommendation that I go for WAP
    security for a home wireless network, I should think about
    going for a different card.

    Also, if I have to go for WAP security, do I still need to
    install the Microsoft WAP Security Update KB#815485
    3B815485) ?
    DRK, Jun 30, 2004
    1. Advertisements

  2. DRK

    K.S.Andersen Guest

    Whether you use WGB511 or WG511 you are prone to have problems with WEP
    security. Have a look at
    "Netgear WG614v3 problems" submitted June 19th 2004 17:18 to this Newsgroup.
    K.S.Andersen, Jun 30, 2004
    1. Advertisements

  3. DRK

    K.S.Andersen Guest

    Sorry, problems with WPA security. No problems with WEP.
    K.S.Andersen, Jun 30, 2004
  4. DRK

    DRK Guest


    Thanks for your response. I'm using WG614v4 router and yet
    to test it for its connection stability... read some
    reviews that the intermittent drop has been resolved in
    WG614v4 upwards... just keeping my fingers crossed.

    Also, I could not find any posting about WEP security
    issues in the article you has mentioned... it only talks
    about WPA based security

    - DRK
    DRK, Jun 30, 2004
  5. DRK

    Sooner Al Guest

    Sooner Al, Jun 30, 2004
  6. DRK

    DRK Guest


    Thanks for your response. I understand that WPA is much
    more secure than WEP...but my concern is that it should
    NOT be a over-kill on the HOME wireless network. In other
    words, if the WEP-128bit is more than sufficient for an
    home wireless I'm willing to stick to that, else I'm
    willing to take a leap (only if it is absoultely

    - Ram
    this article by Barb Bowman, MS-MVP... for the mutual benefit of all of us...
    DRK, Jun 30, 2004
  7. DRK

    Sooner Al Guest

    I don't think its overkill at all. I run WPA-PSK on my home LAN...with a VERY long random key...

    Al Jarvi (MS-MVP Windows Networking)

    Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no rights...
    Sooner Al, Jun 30, 2004
  8. For your home - WEP with 128-bit encryption. Also, restrict access by
    enabling access via a list of MAC addresses that you supply. For giggles
    you coud also disable your SSID broadcast. I've got a couple of 11MB
    clients that I can't get support for WPA either.
    TheMachineRNC, Jul 1, 2004
  9. [..]

    why do you think security is overkill? You should consider the
    consequences of one of your neighbours using your internet connection.
    First of all there is the costs, if you have a real flat-rate then that
    would not be a "real" problem, you couls let them use your connection.
    But you should never forget, that it is possible to break into your WEP
    secured network and use your internet connection for commiting crimes.
    And it is up to you to prove that your account has been misused when the
    police found out that your account was the origin of a hacker attack or
    illegal filesharing activity or something like this.

    I would never claim, that wpa is overkill. I use it and it was quite
    difficult to make all client work, but now it works and I can sleep very
    well again.

    And: Never forget to turn off your router when you do not use it. You do
    not need it if you are not at home. So this is the best protection
    against hackers, as long as it is turned off?

    Sebastian Hoehn, Jul 1, 2004
  10. DRK

    Dave M Guest

    It seems there is very little "authoritative" information on the web
    regarding the strength of WEP and WPA, except to say WPA is better than 128
    WEP is better than 40 WEP.

    First, recognize that no security is absolute. Professionals note that
    security is inversely proportional to usability - the more secure, the
    harder is for the user to use. The security for every situation is
    different. What you need to consider is the cost the intruder will have to
    incur vs. the benefit they will receive by cracking your system.

    Second, most of the discussions regarding the "insecurity" of WEP seem to
    focus on the algorithm that turns the pass phrase into an encryption key.
    Apparently the algorithm did not produce unique keys, but provided some
    subset of keys from the total available keys. This makes searching for the
    correct key by trial and error quicker. (Recall when you may have forgotten
    the combination to a 3 or 4 digit bike lock of the type with the rotating
    cylinders for each number - with sufficient patience you could work through
    all combinations until you found the one that opened the lock. Consider how
    much easier that was if you already knew one or two of the numbers.)

    It is not necessary to use a pass phrase to generate your key. That was a
    convenience to make it easer for the user (remember the inverse rule above
    ;-). Instead, you can generate your own random key (using dice or pulling
    the numbers out of a hat) and enter it directly. Just be sure that you use
    all 16 of the hexadecimal values. { 0 1 2 3 4 5 6 7 8 9 A B C D E F }

    Finally, consider your own circumstances. If you are in a suburban or rural
    area, any intruder that wants to crack your wireless network is probably
    going to have to sit in a car out in front of your house to be close enough
    to access it. I have seen claims that 128 bit WEP with a truly random key
    still requires about 20 weeks to crack. A war driver that wants an
    anonymous connection for illegal purposes probably won't think the anonymous
    access will be very valuable if they risk being spotted in front of your
    house to get it. And someone that is looking for your personal information
    will find it easier to break into your house and turn your computer on.

    Conversely, if you live in an apartment building and you have no idea who
    your neighbors are, you probably want to avoid wireless altogether. Even
    WPA will not stand up to a sustained attack if the cost to the attacker is
    in line with the benefits they could receive.

    Most home and SOHO applications fall somewhere in between the two extremes
    above. Also the value of any data in home computers is generally pretty
    trivial, easier to get by other means, and already has protections against
    misuse. (If your home business doesn't fit this general characterization,
    I'm sure you already know why AND you have more sophisticated physical
    protections as well.)

    I guess another way to put it is if you feel comfortable with standard locks
    and deadbolts on your doors and don't have a 24 hour monitored alarm system,
    you should be equally comfortable using 128 bit WEP with a random key. If
    you want to up your odds, then use a restricted MAC access list as well.

    Dave M
    Dave M, Jul 1, 2004
  11. DRK

    Cat Guest


    The differences between WEP and WPA are not the level of "bits' Encryption".

    It is an issue of how the encryption key is generated and frequent changes
    to the key.

    May be this can Help: http://www.ezlan.net/Wireless_Security.html

    Jack (MVP-Networking).
    Cat, Jul 6, 2004
  12. DRK

    Dave M Guest

    Thanks for the link, I was interested to note that it made many of the same
    recommendations I did.

    I understand the difference between WEP and WPA. I have studied encryption
    algorithms and have programmed implementations of DES and 3DES.

    I agree that the issues is how the encryption key is generated, and my post
    described an alternative to the buggy passphrase conversion algorithm
    included in WEP implementations.

    I still stand by my position that 128 bit WEP is adequate for most home and
    home office installations.

    The point I wanted to make for the original writer was to point out that the
    additional cost in time and money to get a new card that will work with WAP,
    since they already have one that will work with WEP, is probably not worth
    the additional security of WAP, since they most likely don't need it. But
    that is a judgment they will have to make for themselves, considering their
    unique situation.

    I don't know who said if first, but "In technology, just because you can do
    it doesn't mean you should do it."

    Dave M, Jul 7, 2004
  13. DRK

    Karl Kish Guest

    A lot of freely downloadable tools permit you to crack WEP easily and
    quickly. Doubt it download a copy Linux STD distribution and boot up a
    wireless equipped laptop. Bring up kismet and have fun. If you are NOT
    using WPA with a good pasphrase you are toast the question is who is driving
    by with the toaster and when.

    From the AZrepublic articel on increase identity theft ->

    "Phoenix police respond increasingly to wireless fraud crimes, Weiss said.
    Thieves travel in pairs through affluent Valley neighborhoods, armed with a
    laptop and modem.

    The passenger then uses the improvised modem, which is often soldered into a
    coffee can, to tap into Internet service providers in home computers.

    "A lot of our criminals are more sophisticated than we've seen before,"
    Weiss said. "They'll be able to get a signal in their car as long as your
    modem is on. It doesn't matter if you're using the computer at the time. If
    the computer is on and connected, they can sign on using your Internet
    service provider address."

    Simply switching off home computers when they are not in use can save
    consumers thousands of dollars, Weiss said."

    Full Article -> http://www.azcentral.com/news/articles/0708idtheft08.html
    Karl Kish, Jul 9, 2004
  14. DRK


    Oct 10, 2008
    Likes Received:
    Thanks Dave M.

    I've been looking for a reasonable answer to this WPA / WEP thing, and you've told me what I wanted to hear. I hope that mean it's true!
    lightmyfire, Oct 10, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.