PDA

View Full Version : Wireless Encryption



jamiejandrews
08-31-04, 10:20 AM
I have just purchased a DLink Wireless ADSL Router. I have 2 workstations and 1 server all on wireless. All seems to be quick enough running at 56bit encryption.

What is the need for 256bit encryption? I know its more secure, but how much will this slow down my connection to -

a. the internet
b. transferring files to my server

Any advice would be great!

Regards,
Jamie

JackMDS
08-31-04, 11:14 AM
Welcome to the Network forum.

For 256 encryption you need a Wireless Router and a Wireless card that support it, since it is not part of the standard.

How much? You will have to try it varies might be 5%-30% down.

:thumb:

jamiejandrews
08-31-04, 11:38 AM
Thanks for the response. A few points -

The DLink router does go up to 256bit encryption. I am currently running 64bit (typo before!).

just wondering is it worth going up to 128 bit or maybe 256 bit.
What do you think is the best taking into concideration the slow down?

Many thanks again!
Jamie

Usul
09-01-04, 01:25 AM
I would say you should be fine with 64bit, anyone who is going to take the time to crack your WEP key is very determined and having 128bit vs 64bit encryption will just add some time to the process. What I would recommend doing is enabling MAC filtering and disable your wifi router from broadcasting it's wireless network name. That along with any form of WEP should be sufficient for home use.

cataclysmcow
09-01-04, 03:18 AM
128bit WEP really isn't any more secure than 64bit WEP. Longer key lengths do increase the amount of processing time needed to crack the key, but longer key lengths reduce the time needed to gather the keys needed for WEP cracking. When cracking WEP most of the time is spent gathering weak packets. The process of actually cracking the key once you have enough packets only takes minutes (if not seconds).

All you need for basic security is 64bit WEP. Don't bother with longer keys, MAC address filtering or turning off SSID broadcast. For someone who already has a machine setup to crack WEP it would only take another 5 seconds to spoof a valid MAC. Finding the SSID is even easier - you can just ask the AP for it (probe request). Turning off SSID-broadcast can make WiFi networking a pain and can interfere with some products.

Just remember that WEP is broken though. If you need more security look into 802.1x, WPA-PSK or VPN solutions.

Usul
09-01-04, 04:03 AM
I use and would recommend SSH tunneling.

JackMDS
09-02-04, 08:18 AM
First read this: Wireless Security. (http://www.ezlan.net/Wireless_Security.html)

If Paranoia prevails Use RADIUS Server. :p

Further More use VPN for the local Wireless. :2cool:

If all fails there is always Praying. ;)

:thumb:

Sgt_Strider
12-07-04, 05:44 AM
First read this: Wireless Security. (http://www.ezlan.net/Wireless_Security.html)

If Paranoia prevails Use RADIUS Server. :p

Further More use VPN for the local Wireless. :2cool:

If all fails there is always Praying. ;)

:thumb:

What routers support VPN and with VPN, can any other clients connect to it provided that they have the right username and password? Thanks.

Sgt_Strider
12-12-04, 08:05 PM
Wow, still no replies...