Whats the difference from using a WEP 13 ASCII characters or
WPA 13 ASCII characters. I know the WPA can support 63 but besides the number of charters what else is different.
-
-
blue68f100 Notebook Virtuoso
The encryption process. WEP send the key with the packets. The reason it only takes a min to crack. WPA once the connections is made it starts changing the key on what the cycle is set at.
If you use all printable chr in a wpa key 20 chr long, it is secure enough for most. It would take over 20 yrs at a brute force attack of 100k/sec. But only using alpha or word in a dictionary less than a year.
So I recommend a 20 chr min random generated key using all printable chrs. Preferability the max it will take. Like this "nN)'!xQi&b>AZ%^~lkjew-+" (some will not take the double quote chr) you get the idea. Looks alike a typing drill. You can get random generated keys free from grc.com they have all types. Just copy and past to a notepad, the grab parts of key you want to use. Copy and paste into the apporiate fields, typing generates errors. Then save the keys or write them down for future use. -
WEP is useless because it can be cracked within 5 minutes with freeware.
WPA is currently secure unless you use a poor password like "password" instead of "mf93ml8fjm29fksm9aks35cs" -
ok make sense now i just set it up using 20 random acsII.
Is it necessary for me to also set up mac filtering? -
It's less neccesary than just encryption, but it's a good idea. Set it to allow only the liisted MAC address to connect, then register each computer's MAC address.
If you want to be even more nit-picky, you could reduce the max number of auto-configured IP addresses from the default to the number of computer or switch to static IPs. -
AKAJohnDoe Mime with Tourette's
-
usapatriot Notebook Nobel Laureate
WPA is MUCH safer, heck use WPA2 Personal if you can which is even better.
-
so, so simple to use. you don't really even have to cut at paste- just holler at the good lookin chick across the room (me) and tell her what the phrase/word is -
blue68f100 Notebook Virtuoso
MAC Filtering is not required it you have good security. Beside every packet sent has the MAC Address in the header info.
I would hide the SSID once you get it setup. That way it want show up on scans. So if you have friends over you will have to provide the SSID and the key, so a manual setup will be required. -
-
WPA cracking can be done if you use passphrases instead of ASCII, and fairly easy (Took 20 minutes on my router using an 8 character dictionary word), but if you use multiple words to make up the 8 characters, or even a number thrown in, it'll make passphrase cracking far harder. You can make a huge file that will allow you to do it, but you'll be looking at 20GB+.
In all honesty, I was able to crack my WPA faster than I could WEP, and I've tried every exploit to see how secure my network is. WPA2, however, I couldn't crack it (yet), so if all your devices support it, use it. -
blue68f100 Notebook Virtuoso
As with all security it's only as good as the key used. The reason you should never use words in dict. Use all PRINTABLE CHR and MAX LENGTH. You would be spinning your wheels for years and still not get in.
-
Exactly. The protocol itself can only help a little if your password sucks.
On a side note, my brother has a '66 F100. Figured I'd mention that. -
There's a nice WPA key generator here: http://www.kurtm.net/wpa-pskgen/
You can even choose the number of characters you want. One nice thing about this site is that computations for the key all take place on your computer instead of being generated on a web server and then being transmitted to you. -
-
blue68f100 Notebook Virtuoso
Hiding SSID by it self is not security, like MAC Filtering.
If a drive-by is use netstumbler, he looking to break in at all cost. All it does is keep the normal connection utility from showing up. If he see a open system, and it does not give out dhcp it's either MAC filtering or static. All they have to do is scan till a pc shows up to get the MAC address to get in. No cracking skills needed there. But with all of the hand held devices, Hiding the SSID prevents them from attempting to connect. Depending on where you live and actually look at logs, you will find a lot less traffic if the SSID is hidden.
Beside I'm using max allowed all printable chr key. I don't think they have a cray in the back seat and 5 yrs to brute force the key. Particurlarly since they can move down the block and get in free. -
blue68f100 Notebook Virtuoso
-
saturnotaku Notebook Nobel Laureate
WPA vs WEP difference
Discussion in 'Networking and Wireless' started by Trickology, Dec 9, 2007.