which is the best wireless encription/protection?!

Talk about "WhatEVER !"..
Post Reply
Message
Author
dorin
Junior Member
Junior Member
Posts: 363
Joined: Thu Jan 12, 2006 6:24 am
Location: Zürich, Switzerland
Contact:

which is the best wireless encription/protection?!

#1 Post by dorin » Wed Oct 25, 2006 5:11 pm

i was asking myself that for a loong time

wpa2-psk or the mac access list?! i'd bet the mac list, which is a hardware protection, while wpa is software...

so, what do you think?!

have a great day,

dorin
X40 (2386H6G) 1.4Ghz 1.5Gb 40Gb

rkawakami
Admin
Admin
Posts: 10053
Joined: Sun Jun 04, 2006 1:26 am
Location: San Jose, CA 95120 USA
Contact:

#2 Post by rkawakami » Wed Oct 25, 2006 5:43 pm

I believe MAC addresses can be fairly easily spoofed (faked), if they can figure out which ones have been allowed in the access list. The longest bit length encryption key is of course the best one to use. I'm not up to speed on how easily those systems are to beat, but I guess the counter-question is: how sensitive is your wireless network?
Ray Kawakami
X22 X24 X31 X41 X41T X60 X60s X61 X61s X200 X200s X300 X301 Z60m Z61t Z61p 560 560Z 600 600E 600X T21 T22 T23 T41 T60p T410 T420 T520 W500 W520 R50 A21p A22p A31 A31p
NOTE: All links to PC-Doctor software hosted by me are dead. Files removed 8/28/12 by manufacturer's demand.

carbon_unit
Moderator Emeritus
Moderator Emeritus
Posts: 2988
Joined: Sat Apr 24, 2004 9:10 pm
Location: South Central Iowa, USA

#3 Post by carbon_unit » Wed Oct 25, 2006 6:24 pm

WPA-PSK easily blows away any mac address filter.
T60 2623-D7U, 3 GB Ram.
Dual boot XP and Linux Mint.
Registered linux user #160145

dorin
Junior Member
Junior Member
Posts: 363
Joined: Thu Jan 12, 2006 6:24 am
Location: Zürich, Switzerland
Contact:

#4 Post by dorin » Wed Oct 25, 2006 6:29 pm

no no no, is not about protecting my network or any other, it's just a question is bugging me for a while. just wondering if needed which would be the safest way to.

i know is "quite easy" to fake a mac, but for that you need a phisical contact with the unit, right?!
X40 (2386H6G) 1.4Ghz 1.5Gb 40Gb

carbon_unit
Moderator Emeritus
Moderator Emeritus
Posts: 2988
Joined: Sat Apr 24, 2004 9:10 pm
Location: South Central Iowa, USA

#5 Post by carbon_unit » Wed Oct 25, 2006 6:37 pm

No, you can sniff packets and get the mac address of the Access Point and any clients. Then it is a simple matter to spoof the mac address.
A mac address filter is like locking a screen door. It will keep the honest people out.
WPA on the other hand takes some time and effort to crack but it can still be done.
Ethernet is the safest. :wink:
T60 2623-D7U, 3 GB Ram.
Dual boot XP and Linux Mint.
Registered linux user #160145

dorin
Junior Member
Junior Member
Posts: 363
Joined: Thu Jan 12, 2006 6:24 am
Location: Zürich, Switzerland
Contact:

#6 Post by dorin » Wed Oct 25, 2006 6:56 pm

the only 100% safe to protect your sensitive data is not to be connected to any network... :mrgreen:
X40 (2386H6G) 1.4Ghz 1.5Gb 40Gb

carbon_unit
Moderator Emeritus
Moderator Emeritus
Posts: 2988
Joined: Sat Apr 24, 2004 9:10 pm
Location: South Central Iowa, USA

#7 Post by carbon_unit » Wed Oct 25, 2006 7:18 pm

That's for sure! :thumbs-UP:
T60 2623-D7U, 3 GB Ram.
Dual boot XP and Linux Mint.
Registered linux user #160145

christopher_wolf
Special Member
Posts: 5741
Joined: Sat Oct 08, 2005 1:24 pm
Location: UC Berkeley, California
Contact:

#8 Post by christopher_wolf » Wed Oct 25, 2006 9:20 pm

Hardwired connection with a strictly enforced timeout as well as any end-to-end encryption. Even with Cain, it is disturbingly easy to pick out all the data one would need to get around most of the protections home, and even business users, put around their Wireless APs.
IBM ThinkPad T43 Model 2668-72U 14.1" SXGA+ 1GB |IBM 701c

~o/
I met someone who looks a lot like you.
She does the things you do.
But she is an IBM.
/~o ---ELO from "Yours Truly 2059"

Dead1nside
Senior Member
Senior Member
Posts: 780
Joined: Mon Jul 24, 2006 8:32 pm
Location: Reading, UK
Contact:

#9 Post by Dead1nside » Thu Oct 26, 2006 7:29 am

I use a combination of both WPA/2-PSK (AES) with a MAC address access control filter.

The mixed WPA/2 is because not all my laptops support WPA2.
T41p 2373-GHG / 1.5Ghz 'Banias' / NMB Keyboard
T61 14.1'' 7661-CTO / Vista Business / WXGA / T7300 / 2GB RAM / 80GB HDD / X3100 / 3945ABG / NMB KB /
T400 14.1'' 2768-CTO / Vista Business / WXGA / P8400 / 4GB RAM / 200GB 7200RPM / HD 3470 / 5300AGN / WWAN / NMB KB

NS
ThinkPadder
ThinkPadder
Posts: 1053
Joined: Sun May 21, 2006 11:35 pm
Location: Singapore.. a tropical country..

#10 Post by NS » Thu Oct 26, 2006 11:03 am

I used WPA and WEP to encrypt my network and so far nothing happen yet. ;-)

underclocker
moderator
moderator
Posts: 4016
Joined: Wed Mar 23, 2005 3:52 pm
Location: Wash., D.C.

#11 Post by underclocker » Thu Oct 26, 2006 4:18 pm

The worst security breach is one that occurs and you don't know it happened. Unless people use IDS's (intrusion detection systems), a breach may have occurred.

Botom line, for home users WPA-PSK is considered good and adequate. If you need more, hardwired is the way to go.
T510, i7-620m, NVidia, HD+, 8GB, 180GB Intel Pro 1500 SSD, Webcam, BT, FPR Home
T400s, C2D SP9400, Intel 4500MHD, WXGA+, 8GB, 160GB Intel X18-M G2 SSD, Webcam, BT, FPR Travel
Edge 14 Core i5 | Edge 15 Core i3 | Edge 15 Athlon II X2| Edge 15 Phenom II X4

DIGITALgimpus
Senior Member
Senior Member
Posts: 774
Joined: Sat Aug 20, 2005 1:01 pm

#12 Post by DIGITALgimpus » Thu Oct 26, 2006 8:45 pm

WPA (AES) and MAC filtering are bare minimum. Anything less takes just a minute or so to crack. It's almost silly. It's not that technical, there are tools available for download that take the hard work out of it.
T43 (2687-DUU) - 1.86GHz, 1.5GB RAM, 100GB 5400 (non IBM-firmware Hitachi 5k100) HD, Fingerprint Scanner, 802.11abg/Bluetooth, ATI x300

Dead1nside
Senior Member
Senior Member
Posts: 780
Joined: Mon Jul 24, 2006 8:32 pm
Location: Reading, UK
Contact:

#13 Post by Dead1nside » Fri Oct 27, 2006 3:00 am

Apart from wired, what's more secure than WPA-PSK and MAC filtering?
T41p 2373-GHG / 1.5Ghz 'Banias' / NMB Keyboard
T61 14.1'' 7661-CTO / Vista Business / WXGA / T7300 / 2GB RAM / 80GB HDD / X3100 / 3945ABG / NMB KB /
T400 14.1'' 2768-CTO / Vista Business / WXGA / P8400 / 4GB RAM / 200GB 7200RPM / HD 3470 / 5300AGN / WWAN / NMB KB

tomh009
Moderator Emeritus
Moderator Emeritus
Posts: 3021
Joined: Wed Feb 23, 2005 3:30 pm
Location: Kitchener, ON

#14 Post by tomh009 » Fri Oct 27, 2006 3:47 am

christopher_wolf wrote:Hardwired connection with a strictly enforced timeout as well as any end-to-end encryption. Even with Cain, it is disturbingly easy to pick out all the data one would need to get around most of the protections home, and even business users, put around their Wireless APs.
Should really run 100base-FX (fibre) Ethernet to avoid the EM emissions, too, if you really want to be secure! :shock:

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Off-Topic Stuff”

Who is online

Users browsing this forum: No registered users and 2 guests