Is WEP the most secure encryption in wireless network security?

WEP is flawed. Anyone with the proper tools and time can break it.

WPA is considered very secure if you use a good passphrase. Either TKIP or AES (WPA2).

WEP isn't recommended but it's better than no encryption. It would be best to use WPA or WPA2 encryption instead.

No, it is not WPA is more secure. WEP is breakable with sufficient captured traffic.

Yes, they can. Make your essid hidden, so that the outsider has to try to figure out what your essid is to connect. Then make sure you have some encryption configured. If you are worried, make sure that the key is changed periodically.

I am using linksys wireless router, and it doesn't support WPA, it has WEP. any ideas??

No point in hiding the SSID if it's intentional intruders that are a worry, they'll just run Kismet and immediately find it.

Similarly, WEP is equally pointless for deterring intentional intruders.

WEP will only stop casual intruders. With sufficient data, it can be broken. WPA is more secure, however you may also want to use a VPN.

There is a very serious flaw in WEP which allows it to be cracked fairly easily. If you have a choice between WEP and WPA go with WPA.

Thank you. You would be surprised at how many home users are unconcerned about this sort of thing.

If PSK is shorthand for WPA-PSK (which it probably is) than that is the best choice.

-j

1. Use WPA not WEP 2. Use a password that is at least 20 characters long. ( This will handle the weakness in WPA ... as per the latest research on WPA :-)

or if you're wanting to up the security, you might want to consider a VPN (with a digital certificate), or a Radius authentication server (with digital certificates)

Enjoy Postmaster

Either upgrade the firmware so it does support WPA, or replace it with a more modern one (WRT54G is nice, and around $60) that does support WPA.

I recently did a scan at a friends home. There were 5 or 6 open WiFi connections available and only a couple using encryption.

See if there's an update available. My SMC didn't originally support WPA, but does now.

I have Linksys Wireless-G USB Kit with SpeedBooster

,which contains Linksys WRT54GS v2 router and Linksys WUSB54GS network adapter.

Does it have WPA support?

WPA is the same as PSK? It has PSK-RADIUS, and RADIUS, which one is better?

Ok, if someone really hacked my WEP key, then they can get in my machine and steal things?

Please advise more...

None, shall we continue to guess *which* Linksys wireless router or are you going to tell us? :)

David.

True.

Silly.

You *can't* hide the ESSID! You can turn off periodic broadcasting of the ESSID, but that does *not* hide it. It is, unencrypted, sent in every packet you transmit. The broadcast merely makes sure that you do in fact transmit a packet at short, regular intervals.

The point of doing that is to allow a short "scan" to detect the presense of a network. The value is that it can be *avoided* if it will interfere with another network. Hence if you turn off ESSID broadcasts the likelyhood that a neighbor will fire up his wifi access point on the same channel as yours, is much greater than if the ESSID broadcast is enabled.

If the neighbor is interested in cracking your network, the lack of an ESSID broadcast is *not* going to hide the existance of the network for longer than it takes you to use it. Which is to say that as soon as you actually do use it for traffic, your ESSID is available to the neighbor.

It has *nothing* to do with security, obscure or otherwise.

All of the Linksys routers support WPA. The earlier /firmware/ doesn't though, and either a Linksys upgrade or third party firmware can be downloaded and applied to add support for WPA.

Jerry Park wrote in news:pJh_e.656$Qb6.412 @bignews6.bellsouth.net:

Yes and not much time either. Say around two minutes max.

Much stronger than WEP. Probably fine for most purposes.

Klazmon.

>

Can you post the model number of your linksys? You did say earlier that among your choices was something called "PSK" (Private Shared Key). That may be a WPA mode.

-j

If you go out to the Linksys web site, you can download a newer version of the firmware for the box. This will add WPA.

Other options: 1. Use a VPN (openvpn, poptop) 2. Use a Radius authentication server. 3. Use a different router. 4. Use this router as a front-end to another firewall, so you'll have WiFi (public, and open, and also have a secure private LAN).

Enjoy Postmaster

There are also three other things to do here, which will provide some additional layers that someone would have to go through:

1. Properly configure a local firewall on your computers. The router will provide protection from someone coming in via the hardwired ISP WAN connection, but will not protect you from someone trying to do computer-to-computer access via wireless.
2. Disable the ESSID broadcast on the WAP. This disables the ability for someone to casually identify your WAP passively using common clients. Also change the ESSID from the default to something that is not associated with you or your location. The number of my neighbors who have WAPs in their homes was easy for me to determine, including their use of ESSID's that reflected their names or addresses or the defaults. I have spoken to each.
3. Use MAC address filtering on the WAP, which links the WAP connection to the physical ID's of the wireless NIC's on your computers. It is possible to spoof MAC addresses, but it is one more thing for someone to do to get into your network.

The key to security is layers. Do not depend upon a single protection mechanism.

HTH,

Marc Schwartz

Yes, make sure you have the latest firmware from Linksys for this router.

Well, PSK is a subset of WPA. I don't have one set up here right now, but I've played with them a lot lately. You ought to have an encryption style, which will be {none,wep,wpa} and upon selecting WPA you'll get another selection of {psk,radius,etc}, and then upon selecting PSK you'll get {tkip,aes?}.

You'll want WPA - PSK - TKIP with a non-dictionary passphrase.