Re: 128 bit WEP

General Schvantzkopf <schvantzkopf@xxxxxxxxx> writes:

On Fri, 28 Dec 2007 07:42:13 -0600, Ignoramus14384 wrote:

On 2007-12-27, Unruh <unruh-spam@xxxxxxxxxxxxxx> wrote:
Ignoramus7897 <ignoramus7897@xxxxxxxxxxxxxxxxxxx> writes:

On 2007-12-26, Unruh <unruh-spam@xxxxxxxxxxxxxx> wrote:
Ignoramus4611 <ignoramus4611@xxxxxxxxxxxxxxxxxxx> writes:

Is 128 bit wep any more secure than 64 bit wep?

This is in context of an apartment building.

The wifi router in question, unfortunately does not support WPA.

How much security do its owners really have?

As a previous post says, look at
http://www.aircrack-ng.org
It claims 3-5 min is enough time to collect enough info ( using
active techniques) to crack 128 bit WEP.
Of course your attacker must want to crack you,and must have the
tools to do
so. Unfortunately neither of those are under your control. Thus, yes,
WEP is better than nothing. But if y our attacker is determined, it
is not much better than nothing. If he is not, then you should be
fine.

I think that I will start looking for a new WPA capable wifi router.
This is very unfortunately, as they are unable to set it up by
themselves.

Maybe if you were to tell us what your attack threat was, we could help
you more. Ie, if you are worried that the other apartment dwellers will
connect to the internet via your router and dsl connection and hog the
whole bandwidth, then simple WEP is probably sufficient to discourage
them. After using it and discovering that it is not sufficient (ie
finding that your apartment neighbours are using your bandwidth and
using up your quota of bytes transfered from your ISP) then you can
escalate to buying a new wireless router. Or you can simply disable
wireless and use wired connections. Or you can buy a new router ($20 on
boxing week sales).

WPA is not that much more difficult than WEP on Linux.

Who are "they"?


They are my parents. They stubbornly refuse to do system administration.
My dad has used computers since the 60s and yet does not want to learn
sysadmin stuff etc. Whateverr.

The threat model is that some resident of their apartments would abuse
their bandwidth.

i

They aren't running any servers so you can close all of their ports on
their firewall. A firewall plus WEP should be enough for their needs.

Apparently he is not worried about their computer being cracked, but about
some other resident connecting the web through their router and downloading
100G of stuff, causing them to have to pay huge sums to the telco for
overuse of the connection.

.

Relevant Pages

  • Re: Bandwidth Hogging by server communication...
    ... ->ISDN lines at remote locations start at a Pipeline ISDN router ... -> Internet connection is through a Netscreen Firewall, ... -> When we set up the VPN the remote server took all available bandwidth ...
    (microsoft.public.win2000.networking)
  • Re: How to set up connection to wireless router with PPC6700
    ... Open vs. Shared is just different methods of exchanging the WEP keys. ... The Internet just controls how traffic is routed to the connection. ... the router, The Internet is the best choice. ...
    (microsoft.public.pocketpc.activesync)
  • Re: Re: Re: WEP encryption and ndiswrapper
    ... And if I turn off WEP, then I'm able to connect either way. ... machines have wirless chipsets with the Real Tek 8180 chipsets. ... I tried using WPA-PSK on the router, and it started to work, but then ... brief periods of connectivity then the connection dies. ...
    (Debian-User)
  • Re: 128 bit WEP
    ... Of course your attacker must want to crack you,and must have the tools to ... Thus, yes, WEP ... to the internet via your router and dsl connection and hog the whole ... bandwidth, then simple WEP is probably sufficient to discourage them. ...
    (comp.os.linux.networking)
  • Re: 128 bit WEP
    ... Thus, yes, WEP ... to the internet via your router and dsl connection and hog the whole ... bandwidth, then simple WEP is probably sufficient to discourage them. ... WPA is not that much more difficult than WEP on Linux. ...
    (comp.os.linux.networking)