Archived from groups: microsoft.public.windows.networking.wireless
It seems there is very little "authoritative" information on the web
regarding the strength of WEP and WPA, except to say WPA is better than 128
WEP is better than 40 WEP.

First, recognize that no security is absolute. Professionals note that
security is inversely proportional to usability - the more secure, the
harder it is for the user to use. The security for every situation is
different. What you need to consider is the cost the intruder will have to
incur vs. the benefit they will receive by cracking your system.

Second, most of the discussions regarding the "insecurity" of WEP seem to
focus on the algorithm that turns the pass phrase into an encryption key.
Apparently the algorithm did not produce unique keys, but provided some
subset of keys from the total available keys. This makes searching for the
correct key by trial and error quicker. (Recall when you may have forgotten
the combination to a 3 or 4 digit bike lock of the type with the rotating
cylinders for each number - with sufficient patience you could work through
all combinations until you found the one that opened the lock. Consider how
much easier that was if you already knew one or two of the numbers.)

It is not necessary to use a pass phrase to generate your key. That was a
convenience to make it easier for the user (remember the inverse rule above
;-). Instead, you can generate your own random key (using dice or pulling
the numbers out of a hat) and enter it directly. Just be sure that you use
all 16 of the hexadecimal values. { 0 1 2 3 4 5 6 7 8 9 A B C D E F }

Finally, consider your own circumstances. If you are in a suburban or rural
area, any intruder that wants to crack your wireless network is probably
going to have to sit in a car out in front of your house to be close enough
to access it. I have seen claims that 128 bit WEP with a truly random key
still requires about 20 weeks to crack. A war driver that wants an
anonymous connection for illegal purposes probably won't think the anonymous
access will be very valuable if they risk being spotted in front of your
house to get it. And someone that is looking for your personal information
will find it easier to break into your house and turn your computer on.

Conversely, if you live in an apartment building and you have no idea who
your neighbors are, you probably want to avoid wireless altogether. Even
WPA will not stand up to a sustained attack if the cost to the attacker is
in line with the benefits they could receive.

Most home and SOHO applications fall somewhere in between the two extremes
above. Also the value of any data in home computers is generally pretty
trivial, easier to get by other means, and already has protections against
misuse. (If your home business doesn't fit this general characterization,
I'm sure you already know why AND you have more sophisticated physical
protections as well.)

I guess another way to put it is if you feel comfortable with standard locks
and deadbolts on your doors and don't have a 24 hour monitored alarm system,
you should be equally comfortable using 128 bit WEP with a random key. If
you want to up your odds, then use a restricted MAC access list as well.

Dave M

"DRK" <anonymous@discussions.microsoft.com> wrote in message
news:233e001c45eb4$6da65cc0$a601280a@phx.gbl...
> Hi,
>
> I just setup a home wireless network using NetGear WGR614
> wireless router and WGB511 PCMCIA card on XP Pro. My
> question is should I take the extra leap and implement WAP
> Security or would a WEP-128bit security be more than
> sufficient for a home environment?
>
> The answer carries a lot of significance for my decision
> because the WGB511 card that I got would not let me
> upgrade to a new version of the driver that has WAP
> support. And if the recommendation that I go for WAP
> security for a home wireless network, I should think about
> going for a different card.
>
> Also, if I have to go for WAP security, do I still need to
> install the Microsoft WAP Security Update KB#815485
> (http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B815485)?
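
An added example, not part of the original thread: the reply's advice to enter a random hex key directly instead of a pass phrase, as a generator plus a check that flags keys drawn from a reduced subset of the keyspace. The function names and sample keys are constructed for illustration; the key lengths assumed are the usual WEP sizes of 10 hex digits (40-bit) and 26 hex digits (128-bit).

```python
import math
import secrets

# WEP secret-key sizes in bytes: "40-bit" WEP = 5, "128-bit" WEP = 13
# (the other 24 bits of the advertised 128 are the per-packet IV).
WEP_KEY_BYTES = {40: 5, 128: 13}


def random_wep_key(bits=128):
    """Return a hex key drawn uniformly from the whole keyspace (OS CSPRNG)."""
    return secrets.token_hex(WEP_KEY_BYTES[bits]).upper()


def audit_wep_key(hex_key):
    """Return findings that suggest the key is NOT uniformly random."""
    hex_key = "".join(hex_key.split())
    try:
        key = bytes.fromhex(hex_key)
    except ValueError:
        return ["not valid hexadecimal"]
    if len(key) not in WEP_KEY_BYTES.values():
        return ["length is %d hex digits, expected 10 or 26" % len(hex_key)]
    findings = []
    if all(0x20 <= b <= 0x7E for b in key):
        # Typed text: at most 95 choices per byte instead of 256.
        max_bits = len(key) * math.log2(95)
        findings.append("all bytes printable ASCII (<= %.0f of %d bits)"
                        % (max_bits, len(key) * 8))
    if len(set(key)) <= len(key) // 2:
        findings.append("few distinct bytes (repeated pattern)")
    if len({(b - a) % 256 for a, b in zip(key, key[1:])}) == 1:
        findings.append("bytes form a constant-step sequence")
    return findings


if __name__ == "__main__":
    # Constructed sample keys, not taken from any real network.
    samples = [
        "4D7950617373776F7264313233",  # the text "MyPassword123" as hex
        "AAAAAAAAAAAAAAAAAAAAAAAAAA",  # one byte repeated
        "0123456789",                  # 40-bit key, counting pattern
        random_wep_key(),              # drawn from the full keyspace
    ]
    for k in samples:
        print(k, audit_wep_key(k) or "no findings")
```

An empty result only means none of these three patterns was found; it does not prove the key was generated randomly.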