WEP vs WPA-PSK

Status
Not open for further replies.

strategic

Here is a new one (for me).
Everybody for the most part is aware that WEP encryption is breakable.
There is however one question: what is the difference (or how much of a difference is there) between 128-bit WEP and WPA-PSK? Who should I be worried about breaking my 128-bit WEP: neighbors, somebody nearby, or even somebody far away? 128-bit encryption is, after all, the highest level available, is it not?
 
The problem with WEP is not the bit length of the key but rather the simplistic math used to create it.

WPA and WPA2 have better techniques and thus better security.
 
I understand WPA and WPA2 are far better than WEP, but in the real world, should I be concerned about using WEP?

The reason for my question is my kid's Nintendo DSi. Although the DSi supports WPA2, the games which he wants to use are for the original DS and WEP only.

If it makes a difference, how I'm laid out is the family desktop is hardwired to the router and the only things on the wireless side would be the kid's DSi and Wii (and I could set up MAC filtering for those). I'm currently broadcasting the SSID, but if I switch back to WEP (currently WPA2) I guess I should turn that off.
 
Well, my home network has a small workgroup which I run wired and wireless; I have a shared printer and a few shared folders.

I also have a homegroup set up for my 7 machines, and all my machines can be logged into remotely from one another.

I find WPA2-PSK to be the most efficient for my application; coupled with MAC filtering, I have had no problems with people lurking on my network.

Whereas with WEP and a non-broadcasting SSID I would find someone every now and then on my wireless.

I also have a Wii and PlayStation 3 on the network as well, and they don't mind the WPA2.

Honestly, if all your devices support it, it isn't much harder to set up WPA2, so I'd recommend it.
 
It takes about 5-10 minutes to break into WEP 64-bit and 20-30 minutes for WEP 128-bit. I know personally...

But unless you are near a well-traveled residential area, in a dense apartment setting or live near someone who's kind of eccentric... 99.998% of the time, you'll be OK with WEP.
 
YES! -- it's a probability issue.
1) the intruder needs to 'know how'
2) and use the right tools

If you can, set the MAC filtering to ALLOW and enter those devices. Most routers will then ONLY allow those entries to connect regardless of the WEP key.

(btw: just to be fully honest; if (1+2) above, then it's highly probable that the intruder knows how to find a valid MAC also :( )
 
This is becoming far clearer now. In my area, the only hi-speed internet is wireless. There is no digital phone line to support hi-speed. EVERYBODY in my area has hi-speed - you can see all the antennas on the rooftops. There are many unsecured setups in my area, so what are the odds that somebody would waste time to break into mine?
 
remember: Out of sight is out of mind?

Some kiddy down the street will try 'just for the fun of it'

Also you must really understand; There is no such thing as absolute security -- keys for the front door and passwords for logins only help keep honest people honest :)

Do your best and that's all anyone can expect.
 
Out of curiosity, if someone were to break into a WAN network, could they access the LAN side (without a workgroup or intranet setup) or is that even possible?
 
Joebeard is right: only allow all your MAC addresses to pass, on top of the key.

Personally, I don't see the non-broadcasting SSID as a security measure, not by itself anyway.

You can still find non-broadcasted networks.

And yes, the packets sent over the wireless contain the MAC address of the machine, so it's really simple to find and spoof a MAC address.

Network+ and network security really opened my eyes to a lot of things I never even had a clue about before.
 
Very good -- You're seeing the issues well :)

The 'break-in' would occur on the WiFi-SSID side which is actually on the LAN side.
They would get Internet access thru your router+modem.

Accessing your other systems is a firewall issue (on each system).

Here's my method of controlling the problem.
  1. get all known systems into a small range of ip-addresses
    (say x.y.1.2->1.10)
  2. get everything else at some other range (x.y.1.100->200)
  3. then config the firewall(s) to allow Print/File sharing on the former and denied to the latter
    (allow on x.y.1.2->1.10 + 255[the broadcast address])
This moves the problem (of control) to one of managing IP address assignments. This works for both WiFi and wired connections -- say like a guest staying with you for a few days.

For my router, MAC filtering also allows me to predetermine the IP address to be assigned -- just like static addresses but controlled from the router instead of each system independently.

If yours doesn't allow that, then you can assign IP addresses manually at each device and set the DHCP assignment range to 1.100->200.
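
An added example, not part of the original post: a Python sketch of the address-range scheme described above. It classifies addresses, applies the sharing rule from step 3, and audits a router client table for entries that break the scheme. The 192.168.1.0/24 network (standing in for x.y.1.N), the MAC addresses and the client table are constructed assumptions.

```python
import ipaddress

# Assumed addressing: the post writes x.y.1.N; 192.168.1.0/24 stands in for it.
NET = ipaddress.ip_network("192.168.1.0/24")
TRUSTED = (2, 10)     # known systems: x.y.1.2 -> 1.10
GUEST = (100, 200)    # everything else: x.y.1.100 -> 1.200 (the DHCP pool)

# Hypothetical router reservations: MAC -> fixed IP inside the trusted range.
RESERVATIONS = {
    "00:11:22:33:44:01": "192.168.1.2",   # family desktop
    "00:11:22:33:44:02": "192.168.1.3",   # game console
}

def zone(ip):
    """Classify an address as 'trusted', 'guest' or 'unassigned'."""
    addr = ipaddress.ip_address(ip)
    host = int(addr) - int(NET.network_address)
    if addr in NET and TRUSTED[0] <= host <= TRUSTED[1]:
        return "trusted"
    if addr in NET and GUEST[0] <= host <= GUEST[1]:
        return "guest"
    return "unassigned"

def sharing_allowed(src_ip):
    return zone(src_ip) == "trusted"  # step 3: print/file sharing for known systems only

def audit(table):
    """Return (mac, ip, reason) for every client entry that breaks the scheme."""
    findings = []
    for mac, ip in table:
        mac = mac.lower()
        reserved = RESERVATIONS.get(mac)
        if reserved is not None and ip != reserved:
            findings.append((mac, ip, "known device off its reserved address"))
        elif reserved is None and zone(ip) == "trusted":
            findings.append((mac, ip, "unknown device in trusted range"))
        elif zone(ip) == "unassigned":
            findings.append((mac, ip, "address outside both ranges"))
    return findings

# Constructed sample of a router's client table (MAC, IP).
SAMPLE = [
    ("00:11:22:33:44:01", "192.168.1.2"),
    ("00:11:22:33:44:02", "192.168.1.150"),
    ("AA:BB:CC:00:00:09", "192.168.1.7"),
    ("AA:BB:CC:00:00:0A", "192.168.1.120"),
    ("AA:BB:CC:00:00:0B", "192.168.1.50"),
]
print(*audit(SAMPLE), sep="\n")
```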
 
The 'break-in' would occur on the WiFi-SSID side which is actually on the LAN side.

That makes a lot of sense, what was I thinking?:eek:
Here is my scenario: I have a computer hooked to my router (wirelessly) using a Linksys wireless adapter, working fine under WPA-PSK2. I tried to hook up another computer the same way (which sees my SSID, but doesn't support WPA-PSK2); when I use the adapter on it, it doesn't pick up the SSID at all. Thinking there was interference, I disabled the laptop's internal wireless and the adapter still wouldn't see it. (This is all preliminary and I have to diagnose it a little better to see what and why.)
 
May I suggest you post a new topic with the above entry and we'll resume there.

We try to keep one topic per thread and this one's gone too far from WEP vs WPA.
 
Thanks for the advice jobeard, I didn't really mean to start anything new, actually I would like to try and get a few answers before I physically create another thread. Sorry:blush:
 
It depends on the OS you are using on your computer.

Disregard this unless your computer is running wirelessly.

I had a WPA2 encryption on my router, which was new from an AT&T service, that the technician had installed on it. I connected to my own network, but

Wonderfully, in the middle of playing Counter Strike, "WARNING: CONNECTION PROBLEM"

Guess what? The connection failed. Many times did I do this, until I changed the encryption to WEP.

If you run Windows Vista however, and according to my research, it should be fine on WPA2. But I would still run WEP because it's not going to scramble the packets with some strange encryption.

anyway, that's my two cents

sw123 :)
 
The connection failed. Many times did i do this, until I changed the encryption to WEP.

Thank you for your input. This quote however confuses me. I have [1] computer running on LAN, and [1] computer on WAN via linksys wireless adapter. Same router, with WPA2, and I never had any issues with my connection. My o/s is Windows XP / XP Pro...
 
It is known that WPA may have difficulties between different vendors' devices. Sometimes updating the firmware in the router and the device driver for the WiFi will correct this -- sometimes not :(

This is not an OS issue but an encryption protocol problem being non-standard in one end or the other.
 
Strategic:


If you're running WinXP, make sure to set the encryption to WEP. It will fail if you run it with WPA or WPA2. WPA and WPA2 are more for Vista, or the upcoming Windows 7.
 
WPA and WPA2 are more for Vista, or the upcoming Windows 7.
SORRY -- WRONG! Neither of these are OS version or hotfix dependent. They are encryption techniques that are platform neutral and the issues for WPA/WPA2 are compatibility problems across vendors.
 
Strategic:


If you're running WinXP, make sure to set the encryption to WEP. It will fail if you run it with WPA or WPA2. WPA and WPA2 are more for Vista, or the upcoming Windows 7.

I think this thread may be getting confusing. I am currently running (already) with Windows XP, a WPA-PSK2 connection, it's been fine so far. I may have to change to WEP if I decide to connect an old notebook which doesn't support WPA-PSK2 (unless I change the ethernet card). I am not an expert so I can't really explain how it's been working, I just know it works...:suspiciou
 
good for you :) WEP is your last choice and you're using a much better technique -- good choice.
 