Wireless Security - What do you use?

[Brains]

I have been doing a bit of browsing and discovered that the type of wireless security that i use WEP is basically useless, there are programmes that you can download and run and voila in 60s flat you are into a 128Bit encrypted wireless network.

I know there is also WPA and WPA2, are these the same? good? What is the difference between the three?

Are there any other types you can use?

Cheers.

 

[happy_2008]

I use a 10 digit WEP

 

[DJMK4]

128bit WEP...

Although im not a big fan of wireless networks because they tend to be so un-reliable in my house so its all wired atm and the WAPS are switched off

 

[Mel_P]

WPA encryption and only specific MAC addresses.

Hopefully reasonably secure.
(WGR614 netgear)

Mel

 

[Phemo]

I use WPA2 with a 20 character key. Also have MAC filtering enabled, not that it's really going to do a lot.

Don't really use my wireless for much other than when I feel like using my laptop in bed or when loafing around in the sofa. Even then I tend to find myself plugging in a conveniently located cable anyway - my battery is knackered so while I've got the mains adapter plugged in I may as well have a network cable too.

 

[GuruJockStrap]

WPA2 with a 63 character password here!

WPA is secure as long as you use a long, secure password.

As far as I'm aware, WPA2 security has yet to be cracked.

 

[Daniel]

I use WPA.

A few people in our road have wirelesss networks and some are secure and some are not.

The other day the laptop scanned for networks and found a WPA secure one somewhere in our road. The weird thing was that they had there network ID name set the same as their WPA code so all you had to do was copy the code in and you were connected.

So their WPA secure network is actually advertising for you to connect. I don't know who it is as I would tell them to change the network ID.

Dan

 

[james.miller]

i use wp2 with something like a 20key string. does me.

 

[Al Vallario]

128bit WEP, although I am aware it's not going to stop someone who wants to get in. No MAC filtering as that's a load of hassle and about as much use as a chocolate teapot at the end of the day.

Fortunately I live in a reasonably remote location where no one is going to try and trespass on my wireless network

 

[ricky1981]

I turn off SSID broadcast, turn on MAC address filtering and use WPA (I've also got a Checkpoint Edge unit from work ). All this to ensure no-one can interfere with my using gmail and OCUK

 

[#Chri5#]

I broadcast the SSID, run no WEP, WPA or MAC filtering.

That just leaves the IPSEC AES 256-bit encryption to bypass for anyone trying to look round

 

[triggerthat]

My SSID broadcast is disabled and I have a 128bit WEP encryption. Haven't had any problems. Everything connected to the router has a firewall installed just in case.

 

[bitslice]

umm, last time I posted on this topic someone said I was "wrong" but then they wouldn't answer the reply - sigh.
- anyway, I guess these are the sites the OP found...

How To Crack WEP
http://www.tomsnetworking.com/2005/05/10/how_to_crack_wep_/
How To Crack WEP in 3 minutes
http://www.tomsnetworking.com/2005/03/31/the_feds_can_own_your_wlan_too/
Cracking Wi-Fi Protected Access (WPA)
http://www.informit.com/articles/article.asp?p=369221&rl=1

I think this means:

WEP = bad
WPA-PSK = maybe icky
WPA-PSK (TKIP) + long password = OK
WPA-PSK (AES) = OK
WPA2 = OK

I prefer #Chris5# solution

OT: I expect a few routers are potentially open to a new trojan attack because their admin password is blank.
.

 

[Chronictank]

128bit WEP, but wireless is off unless i need it

 

[Andyt_uk]

128bit WEP, but wireless is off unless i need it

just so you know the length of the WEP key doesn't really effect the time it takes to crack it. I did a paper on it and how to crack it for a uni unit in my final year.

 

[FireBIade]

WPA-PSK TKIP with a 20 char random key. Mac address filtering, DHCP off, SSID disabled, changed default admin password, pointed aerials into the house. Pray!

Think I remember reading somewhere to crack WPA enough packets need to to sniffed and then a brute force style crack done on those packets to reveal the key, thus having a sufficiently long / random key will make a brute force run a stupidly long time unless they have a super computer or some kind of rainbow table setup that allows super speedy brute force cracking.

Probably best to change your config say once per month, like changing your logon password just in case you've been ow3n3d.

Fire..

 

[Snow-Munki]

have to use WEP here as the DS doesn't support WPA

 

[Deleted member 58846]

no wireless security because I don't use it. I prefer wired myself.

 

[Yas786]

Use MAC Filtering and it seems to do the job, if anyone wants to connect to my wireless ap then i just get their MAC address and add it to the list.

 

[Snow-Munki]

Use MAC Filtering and it seems to do the job, if anyone wants to connect to my wireless ap then i just get their MAC address and add it to the list.

but isn't it fairly easy to clone someone's mac address ?