128 bit WEP - Networking

This is a discussion on 128 bit WEP - Networking ; Is 128 bit wep any more secure than 64 bit wep? This is in context of an apartment building. The wifi router in question, unfortunately does not support WPA. How much security do its owners really have? i...

+ Reply to Thread
Results 1 to 11 of 11

Thread: 128 bit WEP

  1. 128 bit WEP

    Is 128 bit wep any more secure than 64 bit wep?

    This is in context of an apartment building.

    The wifi router in question, unfortunately does not support WPA.

    How much security do its owners really have?

    i

  2. Re: 128 bit WEP

    Ignoramus4611 writes:

    >Is 128 bit wep any more secure than 64 bit wep?


    >This is in context of an apartment building.


    >The wifi router in question, unfortunately does not support WPA.


    >How much security do its owners really have?


    As a previous post says, look at
    http://www.aircrack-ng.org
    It claims 3-5 min is enough time to collect enough info ( using active
    techniques) to crack 128 bit WEP.
    Of course your attacker must want to crack you,and must have the tools to
    do
    so. Unfortunately neither of those are under your control. Thus, yes, WEP
    is better than nothing. But if y our attacker is determined, it is not much
    better than nothing. If he is not, then you should be fine.



    >i


  3. Re: 128 bit WEP

    On 2007-12-26, Unruh wrote:
    > Ignoramus4611 writes:
    >
    >>Is 128 bit wep any more secure than 64 bit wep?

    >
    >>This is in context of an apartment building.

    >
    >>The wifi router in question, unfortunately does not support WPA.

    >
    >>How much security do its owners really have?

    >
    > As a previous post says, look at
    > http://www.aircrack-ng.org
    > It claims 3-5 min is enough time to collect enough info ( using active
    > techniques) to crack 128 bit WEP.
    > Of course your attacker must want to crack you,and must have the tools to
    > do
    > so. Unfortunately neither of those are under your control. Thus, yes, WEP
    > is better than nothing. But if y our attacker is determined, it is not much
    > better than nothing. If he is not, then you should be fine.


    I think that I will start looking for a new WPA capable wifi
    router. This is very unfortunately, as they are unable to set it up by
    themselves.

    i

  4. Re: 128 bit WEP

    On Wed, 26 Dec 2007 15:11:49 -0600, Ignoramus4611 wrote:

    > Is 128 bit wep any more secure than 64 bit wep?
    >
    > This is in context of an apartment building.
    >
    > The wifi router in question, unfortunately does not support WPA.
    >
    > How much security do its owners really have?
    >
    > i


    WEP is useful for keeping your neighbors from stealing your bandwidth but
    you shouldn't count on it for security. A weak cipher is worse than no
    cipher, just ask Mary Queen of Scots (she counted on an easily broken
    cipher and it cost her her head).

    If you are going to use a wireless network you should treat it like the
    Internet, i.e. assume that everything is visible. Put firewalls on all of
    your machines with only the ssh port open if you can. Require RSA
    authentication on the ssh connections and don't allow root access on ssh.
    If you need some other ports open then you should take the same
    precautions as you would if those ports were connected to the Internet.

  5. Re: 128 bit WEP

    Ignoramus7897 writes:

    >On 2007-12-26, Unruh wrote:
    >> Ignoramus4611 writes:
    >>
    >>>Is 128 bit wep any more secure than 64 bit wep?

    >>
    >>>This is in context of an apartment building.

    >>
    >>>The wifi router in question, unfortunately does not support WPA.

    >>
    >>>How much security do its owners really have?

    >>
    >> As a previous post says, look at
    >> http://www.aircrack-ng.org
    >> It claims 3-5 min is enough time to collect enough info ( using active
    >> techniques) to crack 128 bit WEP.
    >> Of course your attacker must want to crack you,and must have the tools to
    >> do
    >> so. Unfortunately neither of those are under your control. Thus, yes, WEP
    >> is better than nothing. But if y our attacker is determined, it is not much
    >> better than nothing. If he is not, then you should be fine.


    >I think that I will start looking for a new WPA capable wifi
    >router. This is very unfortunately, as they are unable to set it up by
    >themselves.


    Maybe if you were to tell us what your attack threat was, we could help you
    more. Ie, if you are worried that the other apartment dwellers will connect
    to the internet via your router and dsl connection and hog the whole
    bandwidth, then simple WEP is probably sufficient to discourage them. After
    using it and discovering that it is not sufficient (ie finding that your
    apartment neighbours are using your bandwidth and using up your quota of
    bytes transfered from your ISP) then you can escalate to buying a new
    wireless router. Or you can simply disable wireless and use wired
    connections. Or you can buy a new router ($20 on boxing week sales).

    WPA is not that much more difficult than WEP on Linux.

    Who are "they"?


  6. Re: 128 bit WEP

    On 2007-12-27, Unruh wrote:
    > Ignoramus7897 writes:
    >
    >>On 2007-12-26, Unruh wrote:
    >>> Ignoramus4611 writes:
    >>>
    >>>>Is 128 bit wep any more secure than 64 bit wep?
    >>>
    >>>>This is in context of an apartment building.
    >>>
    >>>>The wifi router in question, unfortunately does not support WPA.
    >>>
    >>>>How much security do its owners really have?
    >>>
    >>> As a previous post says, look at
    >>> http://www.aircrack-ng.org
    >>> It claims 3-5 min is enough time to collect enough info ( using active
    >>> techniques) to crack 128 bit WEP.
    >>> Of course your attacker must want to crack you,and must have the tools to
    >>> do
    >>> so. Unfortunately neither of those are under your control. Thus, yes, WEP
    >>> is better than nothing. But if y our attacker is determined, it is not much
    >>> better than nothing. If he is not, then you should be fine.

    >
    >>I think that I will start looking for a new WPA capable wifi
    >>router. This is very unfortunately, as they are unable to set it up by
    >>themselves.

    >
    > Maybe if you were to tell us what your attack threat was, we could help you
    > more. Ie, if you are worried that the other apartment dwellers will connect
    > to the internet via your router and dsl connection and hog the whole
    > bandwidth, then simple WEP is probably sufficient to discourage them. After
    > using it and discovering that it is not sufficient (ie finding that your
    > apartment neighbours are using your bandwidth and using up your quota of
    > bytes transfered from your ISP) then you can escalate to buying a new
    > wireless router. Or you can simply disable wireless and use wired
    > connections. Or you can buy a new router ($20 on boxing week sales).
    >
    > WPA is not that much more difficult than WEP on Linux.
    >
    > Who are "they"?
    >


    They are my parents. They stubbornly refuse to do system
    administration. My dad has used computers since the 60s and yet does
    not want to learn sysadmin stuff etc. Whateverr.

    The threat model is that some resident of their apartments would abuse
    their bandwidth.

    i

  7. Re: 128 bit WEP

    On Fri, 28 Dec 2007 07:42:13 -0600, Ignoramus14384 wrote:

    > On 2007-12-27, Unruh wrote:
    >> Ignoramus7897 writes:
    >>
    >>>On 2007-12-26, Unruh wrote:
    >>>> Ignoramus4611 writes:
    >>>>
    >>>>>Is 128 bit wep any more secure than 64 bit wep?
    >>>>
    >>>>>This is in context of an apartment building.
    >>>>
    >>>>>The wifi router in question, unfortunately does not support WPA.
    >>>>
    >>>>>How much security do its owners really have?
    >>>>
    >>>> As a previous post says, look at
    >>>> http://www.aircrack-ng.org
    >>>> It claims 3-5 min is enough time to collect enough info ( using
    >>>> active techniques) to crack 128 bit WEP.
    >>>> Of course your attacker must want to crack you,and must have the
    >>>> tools to do
    >>>> so. Unfortunately neither of those are under your control. Thus, yes,
    >>>> WEP is better than nothing. But if y our attacker is determined, it
    >>>> is not much better than nothing. If he is not, then you should be
    >>>> fine.

    >>
    >>>I think that I will start looking for a new WPA capable wifi router.
    >>>This is very unfortunately, as they are unable to set it up by
    >>>themselves.

    >>
    >> Maybe if you were to tell us what your attack threat was, we could help
    >> you more. Ie, if you are worried that the other apartment dwellers will
    >> connect to the internet via your router and dsl connection and hog the
    >> whole bandwidth, then simple WEP is probably sufficient to discourage
    >> them. After using it and discovering that it is not sufficient (ie
    >> finding that your apartment neighbours are using your bandwidth and
    >> using up your quota of bytes transfered from your ISP) then you can
    >> escalate to buying a new wireless router. Or you can simply disable
    >> wireless and use wired connections. Or you can buy a new router ($20 on
    >> boxing week sales).
    >>
    >> WPA is not that much more difficult than WEP on Linux.
    >>
    >> Who are "they"?
    >>
    >>

    > They are my parents. They stubbornly refuse to do system administration.
    > My dad has used computers since the 60s and yet does not want to learn
    > sysadmin stuff etc. Whateverr.
    >
    > The threat model is that some resident of their apartments would abuse
    > their bandwidth.
    >
    > i


    They aren't running any servers so you can close all of their ports on
    their firewall. A firewall plus WEP should be enough for their needs.

  8. Re: 128 bit WEP

    Ignoramus14384 writes:

    >On 2007-12-27, Unruh wrote:
    >> Ignoramus7897 writes:
    >>
    >>>On 2007-12-26, Unruh wrote:
    >>>> Ignoramus4611 writes:
    >>>>
    >>>>>Is 128 bit wep any more secure than 64 bit wep?
    >>>>
    >>>>>This is in context of an apartment building.
    >>>>
    >>>>>The wifi router in question, unfortunately does not support WPA.
    >>>>
    >>>>>How much security do its owners really have?
    >>>>
    >>>> As a previous post says, look at
    >>>> http://www.aircrack-ng.org
    >>>> It claims 3-5 min is enough time to collect enough info ( using active
    >>>> techniques) to crack 128 bit WEP.
    >>>> Of course your attacker must want to crack you,and must have the tools to
    >>>> do
    >>>> so. Unfortunately neither of those are under your control. Thus, yes, WEP
    >>>> is better than nothing. But if y our attacker is determined, it is not much
    >>>> better than nothing. If he is not, then you should be fine.

    >>
    >>>I think that I will start looking for a new WPA capable wifi
    >>>router. This is very unfortunately, as they are unable to set it up by
    >>>themselves.

    >>
    >> Maybe if you were to tell us what your attack threat was, we could help you
    >> more. Ie, if you are worried that the other apartment dwellers will connect
    >> to the internet via your router and dsl connection and hog the whole
    >> bandwidth, then simple WEP is probably sufficient to discourage them. After
    >> using it and discovering that it is not sufficient (ie finding that your
    >> apartment neighbours are using your bandwidth and using up your quota of
    >> bytes transfered from your ISP) then you can escalate to buying a new
    >> wireless router. Or you can simply disable wireless and use wired
    >> connections. Or you can buy a new router ($20 on boxing week sales).
    >>
    >> WPA is not that much more difficult than WEP on Linux.
    >>
    >> Who are "they"?
    >>


    >They are my parents. They stubbornly refuse to do system
    >administration. My dad has used computers since the 60s and yet does
    >not want to learn sysadmin stuff etc. Whateverr.


    >The threat model is that some resident of their apartments would abuse
    >their bandwidth.


    Without other evidence just use WEP and do not worry.
    If they get their bandwidth abused, then you can persuade your mom to learn
    some sysadmin.
    Mind you I have not found WPA very hard to do at all. You do have to set up
    the modem to use WPA, and your system to do so, but that's it. But if it is
    too difficult, let it be. There are more worthwhile things to fight with
    your dad about.


  9. Re: 128 bit WEP

    General Schvantzkopf writes:

    >On Fri, 28 Dec 2007 07:42:13 -0600, Ignoramus14384 wrote:


    >> On 2007-12-27, Unruh wrote:
    >>> Ignoramus7897 writes:
    >>>
    >>>>On 2007-12-26, Unruh wrote:
    >>>>> Ignoramus4611 writes:
    >>>>>
    >>>>>>Is 128 bit wep any more secure than 64 bit wep?
    >>>>>
    >>>>>>This is in context of an apartment building.
    >>>>>
    >>>>>>The wifi router in question, unfortunately does not support WPA.
    >>>>>
    >>>>>>How much security do its owners really have?
    >>>>>
    >>>>> As a previous post says, look at
    >>>>> http://www.aircrack-ng.org
    >>>>> It claims 3-5 min is enough time to collect enough info ( using
    >>>>> active techniques) to crack 128 bit WEP.
    >>>>> Of course your attacker must want to crack you,and must have the
    >>>>> tools to do
    >>>>> so. Unfortunately neither of those are under your control. Thus, yes,
    >>>>> WEP is better than nothing. But if y our attacker is determined, it
    >>>>> is not much better than nothing. If he is not, then you should be
    >>>>> fine.
    >>>
    >>>>I think that I will start looking for a new WPA capable wifi router.
    >>>>This is very unfortunately, as they are unable to set it up by
    >>>>themselves.
    >>>
    >>> Maybe if you were to tell us what your attack threat was, we could help
    >>> you more. Ie, if you are worried that the other apartment dwellers will
    >>> connect to the internet via your router and dsl connection and hog the
    >>> whole bandwidth, then simple WEP is probably sufficient to discourage
    >>> them. After using it and discovering that it is not sufficient (ie
    >>> finding that your apartment neighbours are using your bandwidth and
    >>> using up your quota of bytes transfered from your ISP) then you can
    >>> escalate to buying a new wireless router. Or you can simply disable
    >>> wireless and use wired connections. Or you can buy a new router ($20 on
    >>> boxing week sales).
    >>>
    >>> WPA is not that much more difficult than WEP on Linux.
    >>>
    >>> Who are "they"?
    >>>
    >>>

    >> They are my parents. They stubbornly refuse to do system administration.
    >> My dad has used computers since the 60s and yet does not want to learn
    >> sysadmin stuff etc. Whateverr.
    >>
    >> The threat model is that some resident of their apartments would abuse
    >> their bandwidth.
    >>
    >> i


    >They aren't running any servers so you can close all of their ports on
    >their firewall. A firewall plus WEP should be enough for their needs.


    Apparently he is not worried about their computer being cracked, but about
    some other resident connecting the web through their router and downloading
    100G of stuff, causing them to have to pay huge sums to the telco for
    overuse of the connection.


  10. Re: 128 bit WEP

    On 2007-12-28, Unruh wrote:
    > Ignoramus14384 writes:
    >
    >>On 2007-12-27, Unruh wrote:
    >>> Ignoramus7897 writes:
    >>>
    >>>>On 2007-12-26, Unruh wrote:
    >>>>> Ignoramus4611 writes:
    >>>>>
    >>>>>>Is 128 bit wep any more secure than 64 bit wep?
    >>>>>
    >>>>>>This is in context of an apartment building.
    >>>>>
    >>>>>>The wifi router in question, unfortunately does not support WPA.
    >>>>>
    >>>>>>How much security do its owners really have?
    >>>>>
    >>>>> As a previous post says, look at
    >>>>> http://www.aircrack-ng.org
    >>>>> It claims 3-5 min is enough time to collect enough info ( using active
    >>>>> techniques) to crack 128 bit WEP.
    >>>>> Of course your attacker must want to crack you,and must have the tools to
    >>>>> do
    >>>>> so. Unfortunately neither of those are under your control. Thus, yes, WEP
    >>>>> is better than nothing. But if y our attacker is determined, it is not much
    >>>>> better than nothing. If he is not, then you should be fine.
    >>>
    >>>>I think that I will start looking for a new WPA capable wifi
    >>>>router. This is very unfortunately, as they are unable to set it up by
    >>>>themselves.
    >>>
    >>> Maybe if you were to tell us what your attack threat was, we could help you
    >>> more. Ie, if you are worried that the other apartment dwellers will connect
    >>> to the internet via your router and dsl connection and hog the whole
    >>> bandwidth, then simple WEP is probably sufficient to discourage them. After
    >>> using it and discovering that it is not sufficient (ie finding that your
    >>> apartment neighbours are using your bandwidth and using up your quota of
    >>> bytes transfered from your ISP) then you can escalate to buying a new
    >>> wireless router. Or you can simply disable wireless and use wired
    >>> connections. Or you can buy a new router ($20 on boxing week sales).
    >>>
    >>> WPA is not that much more difficult than WEP on Linux.
    >>>
    >>> Who are "they"?
    >>>

    >
    >>They are my parents. They stubbornly refuse to do system
    >>administration. My dad has used computers since the 60s and yet does
    >>not want to learn sysadmin stuff etc. Whateverr.

    >
    >>The threat model is that some resident of their apartments would abuse
    >>their bandwidth.

    >
    > Without other evidence just use WEP and do not worry.
    > If they get their bandwidth abused, then you can persuade your mom to learn
    > some sysadmin.
    > Mind you I have not found WPA very hard to do at all. You do have to set up
    > the modem to use WPA, and your system to do so, but that's it. But if it is
    > too difficult, let it be. There are more worthwhile things to fight with
    > your dad about.
    >


    It is not hard to set up WPA, the problem is that ther old wifi router
    only supports WEP. I have WPA at home. While I hate the "keyring"
    implementation of NM, stuff actually works.

    i

  11. Re: 128 bit WEP

    Ignoramus4611 schrieb:
    > Is 128 bit wep any more secure than 64 bit wep?
    >
    > This is in context of an apartment building.
    >
    > The wifi router in question, unfortunately does not support WPA.
    >
    > How much security do its owners really have?

    If you dont care about the the cypher-strength but just the possibility
    of someone using your DSL connection MAC filtering should be sufficient.
    Just white-list your own MAC addresses and deny all others.
    >
    > i


+ Reply to Thread