WEP vs WPA

Hi experts

I'm about to setup a wireless office network ( dimensions yet to be decided ) hence I need information before I set it up. I need the following information/s :-

1.) Comparison / difference and Pros&Cons of WEP and WPA encryption on a WLAN.

2.) Encryption technology

3.) Authentication technology

4.) Recommended devices (AP, WLAN Cards etc)

5.) How to perform Security Audit of a WLAN?

6.) Recommended steps to setup such a network

Please consider this urgent and post/reply ASAP

------------------------------------------------------------------------ View this thread:

formatting link

Reply to
rockysam39
Loading thread data ...

Reply to
Airman Thunderbird

rockysam39 hath wroth:

There's no comparison. WEP encryption has been easily cracked and is considered grossly insecure. Tools are commonly available and take only a few minutes to run. WPA is currently quite secure.

You have two choices. WPA-PSK which uses TKIP and WPA2-PSK which uses AES. AES is considered more secure. In general, any client that supports TKIP will also support AES, so there's little risk of compatibility issues with AES. Only older cards and drivers may be a problem.

802.1x is supplies along with WPA encryption. However, if you want something better, consider installing a RADIUS server and using WPA-RADIUS for authentication. This also has the added benifit of NOT using a shared encryption key which can easily be leaked. With RADIUS, the encryption key is unique for each session and user.

Sorry. Without specifications or clue as to what you're trying to accomplish, what you have to work with, and how much money you have to spend, I can't offer any recommendations. Note that there are no universal solutions.

Wireless security is enforced by the wireless access point. If it demands that users have encryption, authentication, passwords, etc, then checking the access point is your prime method of testing security. Beyond that, there are numerous intrusion testing and detection tools and services, which will test the entire network, and not just a single component, which can be circumvented or bypassed.

Hire someone that knows what they are doing and has done it before.

If this is your responsibility, I suggest you either do some serious reading, or find someone with experience to expedite the project.

Reply to
Jeff Liebermann

It sounds like someone is writing a paper.

If it is an actual project and that urgent you might want to hire someone with appropriate experience to do it.

Reply to
George

My two cents here; You can always hire and expert, but how do you know that person is an expert. I've been hired to fix "the mess left behind" quite a few times.

Is there any wireless network certification?

Reply to
miso

Good point. There are always references. I have prospective clients check my references all the time. However, if they were referred by an existing client, that's usually un-necessary.

Incidentally, much of what I do is cleaning up someone elses mess (both in install and engineering). I would normally expect a customer that has been burned by one "expert" to demand credentials and references from whomever they hire to clean up the mess. However, that's rarely the case. They just want it fixed and are apparently willing to repeat the same mistake they made on the first "expert". I've also noticed that such clients rarely ask me for an estimate. Very strange.

Sure. Here's a list:

I think there are others, but I'm too lazy to search. Some universities offer classes which culminate in a certification exam.

I've always wanted to collect certifications, but my office walls are plastered with books, racks, hanging mice, diagrams, maps, schematics, dead motherboards, photos, and white boards, that there's no room for the certificates.

Reply to
Jeff Liebermann

Unfortunately, there are people that are good at passing written tests, but still can't do the real work. Of course, having the sheep skin and hands on knowledge is the best situation.

Reply to
miso

Judging by your questions, you're way over your head to ask them...much less deploy a network.

Your local yellow pages most likely has computer shops that are very experienced at this.

Reply to
nevtxjustin

"Jeff Liebermann" schreef in bericht news: snipped-for-privacy@4ax.com...

Hi,

Is it always these 2 choices for WPA? In other words, if you buy a network card (PCMCIA) wich has WPA and WPA2, do you have all possibilities? Or is there in either one, another form of existence?

Thanks, Ruud. NL

Reply to
Ruud2022

"Ruud2022" hath wroth:

It's kinda difficult to answer that because the various choices involve:

  1. Protocol
  2. Authentication
  3. Authorization
  4. Encryption.
  5. Vendor specific additions.

Sorta, maybe, probably. Bear with me here. The *MAJOR* forms are: WPA-Personal with TKIP encryption and a shared encryption key. WPA-Enterprise with TKIP and RADIUS authentication WPA2-Personal with AES encryption and a shared encryption key. WPA2-Enterprise with AES encrytion and RADIUS authentication.

However, there are routers which will accept WPA with AES encryption. None offer WPA2 with TKIP. You won't need that.

Where it gets ugly and potentially incompatible is 802.1x authentication using EAP (extensible authentication protocol). There are a mess of protocols possible with EAP.

The problem is that not all wireless clients support all of these.

For wireless MS supports: PEAP-MS-CHAP v2, EAP-TLS, PEAP-TLS Vista added some more, but I'm too lazy to dig out the list.

Existence on a different plane is best experienced under the influence of controlled substances.

Reply to
Jeff Liebermann

"Jeff Liebermann" schreef in bericht news: snipped-for-privacy@4ax.com...

Thanks a lot Jeff, bit by bit I become more aware of wireless Internetting.

Your last sentence I did'nt understand very much, maybe I wrote noncense in mine. English is not my "home" language ;-))

But anyway, thanks for teaching me something.

Ruud.

Reply to
Ruud2022

"Ruud2022" hath wroth:

Your English is quite good, so I assumed that you knew some of the terms. "Another form of existence" was a phrase used during the

1960's to mean that someone was drugged or "stoned" sufficiently to escape the common normal daily form of existence, and live in an "altered state". In other words, a loss of reality. "Controlled substances" are drugs restricted by the government. I hope this helps.
Reply to
Jeff Liebermann

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.