wpa-psk v WEP

Discussion in 'other firewalls' started by Long View, Apr 4, 2008.

Thread Status:
Not open for further replies.
  1. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I'm giving my son an Acer Travelmate C300 to use with an NTL/Virgin cable system. The cable will connect to a Netgear WGR614 Wireless cable Router/Firewall. Although the Netgear can handle wpa-psk the Acer can not.
    The choice seems to be between using WEP and using a netgear adapter to allow wpa-psk.

    As no high security activity (banking) will take place on this laptop - mainly e-mail and general sports surfing is wpa-psk really necessary. I know that WEP is weaker but wouldn't using a128-bit key length be sufficient ?
     
  2. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    WEP is easily breakable and there are many free tools on the internet to do it automatically and quickly. But why would anyone bother unless they just wanted to use your bandwidth and couldn't find an open network? And do you care? Use a software firewall and don't trust your network. If the Acer is reasonably new, you might also check for a firmware update for the NIC. Or get almost any modern USB card to get better reception then the builti-in + WPA.
     
  3. wat0114

    wat0114 Guest

    I don't know about you or Long View, but I would sure care. Someone hijacking the bandwidth they are not paying for is annoying enough, but there is also the possibility they use it for illicit activity, and the one paying for for the connection could be on the hook for a possible criminal investigation into it. The Netgear wpa-psk adapter seems a good idea.
     
  4. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    btw why doesn't it support wpa?
     
  5. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    One other thing to think about. If there are other PCs on the network this PC could be used as an entry point into them. Did not look at the specs for this laptop, but if it has built in wireless and some PCMCIA slots available you could disable the built in NIC then add a WPA capable one.
     
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,
    You might try combining mac filtering, static IPs, radius-limited tx, and no id broadcast to make your network as little visible and accessible as possible.
    Mrk
     
  7. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Thanks for all the replies. I checked on the acer site and the laptop has the
    latest (2005) fireware. Having played for a few hours I was unable to get a connection - showed WEP and WPA but not WPA-PSK [TKIP] which is what I use.
    Interesting to see that I can see 2 other weak connections one of which has no security. Anyway I bought a Netgear WG 511v2 54 Mbps wireless card and everything works fine. Having an adapter is a bit of a pain but the laptop will
    only be used as a desktop substute so the adapter can be left installed
     
  8. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I'm using WPA2 AES on my network along with MAC filtering.
    I really don't see any reason not to use it. The network is pretty much completelly sealed and i can have open read/write shares so i can copy, move and edit files between computers easily.
     
  9. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    On my home system I have 2 laptops and 2 wireless printers that I would have to changed and the Netgear WG602 doesn't have WPA2 AES as an option.
    The WGR614 though does have WPA2 AES - so I could set it up that way for my son. Is it possible to explain the benefits of WPA2 AES over WPA-PSK ? I'm assuming that it is superior in some way.
     
  10. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    Pretty much everything you deal with is WPA-PSK. That just means you have preshared the key, instead of using a Radius server to distribute them. TKIP and AES are the standard encryption options used by WPA and WPA2, although the authentication is different. WPA2 is like it sounds, an extension to WPA for the latest standard 802.11i. So use WPA AES if that is in common. Or most WPA2 devices (like mine) are downward compatible with WPA.
     
  11. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    I understand the latest does, so check for a firmware update.
    Exactly.

    I have a network and move and access files around the computers using WPA2 AES because that is considered fully secure. The only weak link is the password, using a random passphrase of at least 20 characters should be used - 33 is the recommended, I'm using a full 63.

    Any device Wi-Fi certified after March 2006 should have WPA2.
     
  12. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Thanks I have updated the firmware but I have WG602 v2 ( ie old) and no
    WPA2 AES. would it really make that much difference ? My Router DG834 is also about 4 years old now so I could justify a new set up BUT in 4 years of running this router and firewall (WEP originally) I have no evidence of any contamination
    or theft.
     
  13. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    I suppose it would if someone was trying to compromise you. It is peace of mind as it is secure, although with an ordinary user how many people out there are going around or living by you trying to hack into your network also perhaps when having no neighbours, living remotely then you could also carry on using WEP and there would be no need for the expense, but, there is always the risk that someone may try it on, and so I use WPA2 AES as the hardware permits.

    Check with ISP - you could be entitled to reduced cost or a freebie.
     
Thread Status:
Not open for further replies.