13th September 2003, 11:01 AM
Home wireless network
I know we have a lot of IT gurus here at Clubsnap, so may I seek some advices on a home wireless network this time?
I don't enable the WEP encryption on my home wireless network because the connection keeps dropping when a 64 bit WEP encryption is enabled. I use instead a MAC address filtering option on the access point. Is it considered reasonably safe to rely only on MAC address filtering? Any other measure to improve this? (To prevent Sally, my neighbor, from eavesdropping and intercept my secret love email)
I don't know why the connection keeps dropping when the WEP encryption is enabled. Initially I thought I had a faulty Linksys and went to buy an additional access point made by D-link but I am still encountering the same problem when WEP encryption is enabled. Even at a distance of 1 meter, the connection still drops after a while.
Any advice would be appreciated. Thanks.
Last edited by rty; 13th September 2003 at 11:04 AM.
13th September 2003, 11:13 AM
What PCI/PCMCIA wireless network interface cards are you using? Could be that they are not 100% compatible with your Linksys AP?
Originally Posted by rty
13th September 2003, 11:27 AM
13th September 2003, 11:33 AM
"QUOTE from rty: ....I use instead a MAC address filtering option on the access point. Is it considered reasonably safe to rely only on MAC address filtering? "
The MAC address filtering option, only restrict which workstation/PC/device can access the Access Point.
If you apply MAC Address filtering, your neighbour will not be able to "log on" to the Wireless LAN to view your other PC's hooked to the LAN (if you had enabled sharing) and "tap" your broadband to use.
But the data transmitted from your Access Point to the PC/notebook in your house is not encrypted at all.
Your PC's NIC is an authorised MAC address in the LAN otherwise you won't be able to access it right? so when the Access Point transmits data to your PC, it is allowed by the MAC address filtering option.
However when the "data" is "flying" through the air (so to speak) to the NIC of your PC, it may be intercepted or tapped by another PC/device.
(It's like tapping in on your phone line outside your house. you will be able to make and receive calls but someone else is listening in on your conversation)
Since the data is not encrypted. Using a software like sniffer..etc, the intruder will be able to decipher the data sent to and fro from your PC to the Access Point.
Than again, WEP is not a fail safe method, it has been known to be able to hack into WEP encrypted networks. (the 64bit WEP is much easier to break than a 128 or 256bit WEP)
But it is a secure enough method to prevent casual unauthorised snoopers "listening" to your network.
Unless you are doing some confidential work at home or sending sensitive emails or such to your boss.
13th September 2003, 11:33 AM
as clown said, it could be the 802.1x encryption. check if your wireless client has the option selected - and disable it.
13th September 2003, 12:49 PM
You guys are genius! I disabled the 802.1x authentication as suggested and the WEP encryption works without any glitch. Thanks.
I don't know how much slower the transmission has become though with the encryption enabled. Any idea, anyone? Negligible?
By the way, for wireless clients, I am using Compaq PCMCIA card, Linksys PCI card, and Linksys wireless USB adaptor.
Winston, thanks for sharing the knowledge. I have just added another security layer by disabling the SSID broadcast (to make it more difficult for Sally). By the way, I just tried the AP site survey feature and found two other wireless networks in the viscinity (One of them has no WEP encryption but the SSID broadcast is disabled). It seems like home wireless network is very common nowadays and one cannot be too complacent with safeguarding their network.
Again, thanks everyone.
13th September 2003, 03:56 PM
Just to add on, with SSID broadcast and MAC addr filtering enable, with some tools you can easily sniff out the MAC address being used, and then you can hijack the MAC addresss.
It is true that even WEP can be broken using its vulnerability. But for typical home network, the traffic is not very high so you need quite a while, typically around 2 weeks or so. When using this vulnerability, 64 bit or 128 bit doesn't make much of a difference.
As to how much will WEP slow down the connection, it depends on both the AP and the wireless card. Generally it is not too bad, but in some case could be rather significant.
There are some work in progress to improve the situation, WPA and TKIP.
TKIP is already available for some vendor, but seems that it might not get wide adoptation. WPA is probably later part of the year..........
Haven't follow up on this for a few months liao, so if anything mention is no longer valid don't come after me with a hammer........
13th September 2003, 04:49 PM