The real Hustle....WEP or WPA??

csmager · 4 Feb 2007 at 18:15

I'm with Phnom_Penh on the SSID hiding/MAC Filtering.

The argument 'it doesn't take long to setup' doesn't really hold up.

Everyime you add a new device, you have to add the MAC address to the allow list. You also have to type the SSID yourself (admittedly not that hard).

It's not really worth wasting your time when they're both so trivial to bypass - proper scanning tools will get SSID in a second, MAC filtering can be bypassed as quick as you can type a valid MAC address into a spoofing tool.

So, as far as I can see, it's not worth considering. You're not going to get past WPA/WPA2, so there is actually no valid reason to use it at all.

norm · 4 Feb 2007 at 19:18

quackers said:
ok, if someone broke your wep/wpa security. What could they do when inside your network?

They could passively listen to any traffic passing over the wireless ethernet without your knowing.

Websites visited, POP3 passwords etc.

LizardKing · 4 Feb 2007 at 20:02

May as well just use a simple wep key and none ssid broadcast and mac address filtering, your average guy wouldn't know how to get past them, if they did they would most certainly be able to get past your wep and wpa if they really wanted to.
Chances are there are unsecured networks around which would attract any hacker to use rather than go through all the process's

csmager · 4 Feb 2007 at 20:05

LizardKing said:
May as well just use a simple wep key and none ssid broadcast and mac address filtering, your average guy wouldn't know how to get past them, if they did they would most certainly be able to get past your wep and wpa if they really wanted to.
Chances are there are unsecured networks around which would attract any hacker to use rather than go through all the process's

Cracking WEP is a simple formality - takes around 2 to 10 minutes. I've done it.

WPA is a different kettle of fish - if you have a non-dictionary PSK, it can't really be done without tonnes of supercomputing time.

quackers · 4 Feb 2007 at 20:10

what sort of software are people using to crack wep etc? Id like a go of cracking my own just to see

HangTime · 4 Feb 2007 at 21:44

stoofa said:
The way I see things is that WEP stops the casual viewer.

A good point; at the end of the day, your network is at far more risk of being accessed by nosy neighbours who notice your router showing up on a search than genuine 'hackers'. Every Tom, Dick and Harry seems to have WiFi cards these days, and these are the kind of people that will be dissuaded by even the most basic of security.

I'm currently using WPA but when I tried to connect my Wii to the network earlier it failed, so I might try changing to a different encryption method.

oddjob62 · 4 Feb 2007 at 21:57

norm said:
They could passively listen to any traffic passing over the wireless ethernet without your knowing.

Websites visited, POP3 passwords etc.

If they are going out of their way to hack your network, then chances are they are going for bigger fish. Hacking an large organisation for example.

csmager · 4 Feb 2007 at 23:28

quackers said:
what sort of software are people using to crack wep etc? Id like a go of cracking my own just to see

There's a couple of Linux Live Distributions with all the tools pre-installed.

Locky · 5 Feb 2007 at 08:29

quackers said:
what sort of software are people using to crack wep etc? Id like a go of cracking my own just to see

i think its agianst the rules for me or anyone to post what tools to use for wep encryption cracking

but you also need the right wireless networkcard to do it

!bluetonic! · 5 Feb 2007 at 10:41

I use WEP because I have the wireless router downstairs connected to the internet via cable.

I have a switch upstairs with the rest of my pooters connected to a Wireless Access Point. The AP only supports Open or WEP. I have looked for firmware to update it, but couldn't find any.

Someone would have to pretty bored though..

1) Swindon has such a high uptake of Broadband, why target me!?
2) I check logs everyso often.
3) My connection is only 2Mbps - am sure you could get a faster connection on an unsecured network nearer the BT Exchanges.. Target them!!

growse · 5 Feb 2007 at 11:04

!bluetonic! said:
I use WEP because I have the wireless router downstairs connected to the internet via cable.

I have a switch upstairs with the rest of my pooters connected to a Wireless Access Point. The AP only supports Open or WEP. I have looked for firmware to update it, but couldn't find any.

Someone would have to pretty bored though..

1) Swindon has such a high uptake of Broadband, why target me!?
2) I check logs everyso often.
3) My connection is only 2Mbps - am sure you could get a faster connection on an unsecured network nearer the BT Exchanges.. Target them!!

None of these really matter if someone wanted to target you in particular. If I wanted to build up as much information about you as possible, I could do a lot worse than to just park up outside your door, and sniff all your wireless traffic. I could probably even capture it and try to brute-force HTTPS later to capture cc card numbers, bank details etc.

Will_3rd · 5 Feb 2007 at 11:10

tweakinfreak said:
Lol nice statement, setting WPA takes same amount as setting WEP except it's more secure....

But each to their own I suppose!

Why thank you, must be living in these old Victorian houses that has damaged my faith in wireless internet technologies.

aaazza · 5 Feb 2007 at 11:37

I'll go ask Jack Bauer to recover the Phoenix Firewall for me, then I'll be safe.

aaazza

!bluetonic! · 5 Feb 2007 at 11:39

growse said:
None of these really matter if someone wanted to target you in particular. If I wanted to build up as much information about you as possible, I could do a lot worse than to just park up outside your door, and sniff all your wireless traffic. I could probably even capture it and try to brute-force HTTPS later to capture cc card numbers, bank details etc.

If you find any money to spend on those cards, can you let me know..?

Snow-Munki · 5 Feb 2007 at 13:08

had to use WEP as that's all my DS supported

Now on WPA and live in an area where i know all my neighbours and no one drives near by so feel prertty safe.

caff · 5 Feb 2007 at 13:26

A question about WPA -

Does WPA have a bigger overhead than WEP for stuff like online gaming? Would I notice my ping in Counterstrike: Source rise? Would I get lag spikes caused by this extra level of security?

hardc0re_tid · 5 Feb 2007 at 15:12

Phnom_Penh said:
TBH, the only secure way is fibre or cat .

he has dogs, he is all good!

smids · 5 Feb 2007 at 18:40

caff said:
A question about WPA -

Does WPA have a bigger overhead than WEP for stuff like online gaming? Would I notice my ping in Counterstrike: Source rise? Would I get lag spikes caused by this extra level of security?

There is a higher overhead but really, I don't think you'll miss the 1ms ping.

LizardKing · 5 Feb 2007 at 23:52

csmager said:
Cracking WEP is a simple formality - takes around 2 to 10 minutes. I've done it.

WPA is a different kettle of fish - if you have a non-dictionary PSK, it can't really be done without tonnes of supercomputing time.

Using 2 computers and a little bit of luck (ie the host downloading the whole series of lost as an example) its not that much more difficult. But like i said, anyone who can crack wep can more than likely beable to crack wpa, just takes a bit more time.

If you have WPA, then theres no reason not to use it. Those people stuck with just wep shouldnt have to much to worry about really. Its there more to put the average joe bloggs off from using an open wireless

csmager · 5 Feb 2007 at 23:59

LizardKing said:
Using 2 computers and a little bit of luck (ie the host downloading the whole series of lost as an example) its not that much more difficult. But like i said, anyone who can crack wep can more than likely beable to crack wpa, just takes a bit more time.

The only option is to use the authentication (when a client joins the network and sends the PSK) and then use a brute force attack on that. The dictionary attack will get it in a relatively short time, but a long enough and complex enough PSK would take many, many years to crack. It's just not worth it.

Lots of traffic, as you suggest, is completely useless. It uses a similar technique to WEP, but the encryption key is changed with every frame using TKIP (that is, a new key is used around 1000 times a minute, with different keys used for each client). Considering it takes around 200,000-1,000,000 IVs to crack one of those keys, you're not going to get even close.

If, by some miracle, you did get one - it's still useless. You haven't got the PSK, and the PSK is only transmitted at auth, as said.