which is the best wireless encription/protection?!

Message

dorin · #1 Post by **dorin** » Wed Oct 25, 2006 5:11 pm

i was asking myself that for a loong time

wpa2-psk or the mac access list?! i'd bet the mac list, which is a hardware protection, while wpa is software...

so, what do you think?!

have a great day,

dorin

#2 Post by **rkawakami** » Wed Oct 25, 2006 5:43 pm

I believe MAC addresses can be fairly easily spoofed (faked), if they can figure out which ones have been allowed in the access list. The longest bit length encryption key is of course the best one to use. I'm not up to speed on how easily those systems are to beat, but I guess the counter-question is: how sensitive is your wireless network?

#3 Post by **carbon_unit** » Wed Oct 25, 2006 6:24 pm

WPA-PSK easily blows away any mac address filter.

dorin · #4 Post by **dorin** » Wed Oct 25, 2006 6:29 pm

no no no, is not about protecting my network or any other, it's just a question is bugging me for a while. just wondering if needed which would be the safest way to.

i know is "quite easy" to fake a mac, but for that you need a phisical contact with the unit, right?!

#5 Post by **carbon_unit** » Wed Oct 25, 2006 6:37 pm

No, you can sniff packets and get the mac address of the Access Point and any clients. Then it is a simple matter to spoof the mac address.
A mac address filter is like locking a screen door. It will keep the honest people out.
WPA on the other hand takes some time and effort to crack but it can still be done.
Ethernet is the safest.

dorin · #6 Post by **dorin** » Wed Oct 25, 2006 6:56 pm

the only 100% safe to protect your sensitive data is not to be connected to any network...

#7 Post by **carbon_unit** » Wed Oct 25, 2006 7:18 pm

That's for sure!

christopher_wolf · #8 Post by **christopher_wolf** » Wed Oct 25, 2006 9:20 pm

Hardwired connection with a strictly enforced timeout as well as any end-to-end encryption. Even with Cain, it is disturbingly easy to pick out all the data one would need to get around most of the protections home, and even business users, put around their Wireless APs.

Dead1nside · #9 Post by **Dead1nside** » Thu Oct 26, 2006 7:29 am

I use a combination of both WPA/2-PSK (AES) with a MAC address access control filter.

The mixed WPA/2 is because not all my laptops support WPA2.

NS · #10 Post by NS » Thu Oct 26, 2006 11:03 am

I used WPA and WEP to encrypt my network and so far nothing happen yet.

#11 Post by **underclocker** » Thu Oct 26, 2006 4:18 pm

The worst security breach is one that occurs and you don't know it happened. Unless people use IDS's (intrusion detection systems), a breach may have occurred.

Botom line, for home users WPA-PSK is considered good and adequate. If you need more, hardwired is the way to go.

DIGITALgimpus · #12 Post by **DIGITALgimpus** » Thu Oct 26, 2006 8:45 pm

WPA (AES) and MAC filtering are bare minimum. Anything less takes just a minute or so to crack. It's almost silly. It's not that technical, there are tools available for download that take the hard work out of it.

Dead1nside · #13 Post by **Dead1nside** » Fri Oct 27, 2006 3:00 am

Apart from wired, what's more secure than WPA-PSK and MAC filtering?

#14 Post by **tomh009** » Fri Oct 27, 2006 3:47 am

christopher_wolf wrote:Hardwired connection with a strictly enforced timeout as well as any end-to-end encryption. Even with Cain, it is disturbingly easy to pick out all the data one would need to get around most of the protections home, and even business users, put around their Wireless APs.

Should really run 100base-FX (fibre) Ethernet to avoid the EM emissions, too, if you really want to be secure!

which is the best wireless encription/protection?!

which is the best wireless encription/protection?!

Who is online