Wireless Network: Functionality vs. Security

Mugenmidget

I'm currently using a Linksys WRT54G router with WPA2 Personal encryption with the AES algorithm (no TKIP). In addition to this I've disabled the broadcast of my SSID and added a MAC filter list so I have those thin extra layers of security as well. This current configuration works well for the majority of wireless computers we use and the Nintendo Wii as well.

Where it doesn't work is my main issue of concern. The DS is not compatible with WPA2, so I can't use that without disabling the security or moving to WEP. Much like my DS, I have an older laptop that I'd like to still use on the network but currently cannot due to its network card (MA401) and OS (Windows 95) seemingly not working well enough in tandem to provide WPA support. Just like the DS, the laptop would work with WEP encryption.

For the DS at least I can create another access point through the usage of the Nintendo Wi-Fi USB adapter. This isn't optimal (the device of course is not as reliable as my router), but it seems adequate and has worked to some end. However, this leaves the laptop rendered useless still and only provides somewhat of a fix for the DS.

There is the option of moving to WEP, but the poor amount of protection provided worries me because currently our network is sharing drives rather freely and without password protection. Would it be worth moving to WEP, and if I did so would putting passwords on our network shares do very much to protect the contents of our network? And even if those shares are protected, what about the risks of illegal traffic being purported through my network without my noticing?

A simple solution to all of these problems might be a limited range access point just like the DS USB device for usage of both my laptop and the DS. However, the current Nintendo USB device is somewhat unsatisfactory and probably would not work with my laptop. This guide seems to outline methods to turn the Nintendo Wi-Fi USB device into a general AP:

http://www.gamefaqs.com/portable/ds/file/925329/40161

Has anyone done this with their own Nintendo Wi-Fi USB connector? How did it fare as an AP? The card I'm using in my laptop (MA401) is an older device and won't be reaching LAN speeds past 54mbps, so it's not imperative to have a particularly speedy connection.

taliosfalcon

WPA2 is pretty easy to crack now unless your running it in conjunction with a RADIUS server. Really anyone who is willing to spend the to crack your wep probably won't have any qualms or problems with spending an additional few minutes to crack your WPA. For that reason i'd say just go to WEP, all it and WPA do is encourage people to jump on an open access point rather than spending a bit of time to crack yours, neither one is going to keep someone who wants in out.

Mugenmidget

taliosfalcon wrote: »

WPA2 is pretty easy to crack now unless your running it in conjunction with a RADIUS server. Really anyone who is willing to spend the to crack your wep probably won't have any qualms or problems with spending an additional few minutes to crack your WPA. For that reason i'd say just go to WEP, all it and WPA do is encourage people to jump on an open access point rather than spending a bit of time to crack yours, neither one is going to keep someone who wants in out.

In that case, is there any point to password protecting the network shares, or are those passwords just as easy to crack if someone wanted to?

Dritz

taliosfalcon wrote: »

WPA2 is pretty easy to crack now unless your running it in conjunction with a RADIUS server. Really anyone who is willing to spend the to crack your wep probably won't have any qualms or problems with spending an additional few minutes to crack your WPA. For that reason i'd say just go to WEP, all it and WPA do is encourage people to jump on an open access point rather than spending a bit of time to crack yours, neither one is going to keep someone who wants in out.

No offence but this is wrong. WPA is susceptible to brute force and dictionary attacks, it can not be cracked.

Edit - Apparently I suck at terminology. I guess the word 'cracking' can be applied to using brute force attacks. What I mean is that you can't just pick information about your key out of the air.

taliosfalcon

Dritz wrote: »

taliosfalcon wrote: »

WPA2 is pretty easy to crack now unless your running it in conjunction with a RADIUS server. Really anyone who is willing to spend the to crack your wep probably won't have any qualms or problems with spending an additional few minutes to crack your WPA. For that reason i'd say just go to WEP, all it and WPA do is encourage people to jump on an open access point rather than spending a bit of time to crack yours, neither one is going to keep someone who wants in out.

No offence but this is wrong. WPA is susceptible to brute force and dictionary attacks, it can not be cracked.

Edit - Apparently I suck at terminology. I guess the word 'cracking' can be applied to using brute force attacks. What I mean is that you can't just pick information about your key out of the air.

No, you can't just grab the key out of the air, but with the proper programs and knowledge you can get past a 128 bit AES key in under 5 minutes, and be on the network.