PDA

View Full Version : Creating a second network in the house with different encryption




riker1384
Jan 20, 2010, 07:59 PM
I have an Imac, one or two generatins before the current one. My household uses a Verizon wireless router with WPA2 encryption. I'm thinking of buying an Internet radio device that streams audio stations from the Internet, but it's old and it only works with WEP encryption. How can I create a network with WEP? Can my Mac connect to the WPA2 network and create a WEP network for the radio at the same time?

Can I buy a cheap wireless router, plug it straight into the Verizon router with an Ethernet cable, and create a network on it with WEP? (And do this without compromising the security of the other stuff in the house?) That would work better if I can do that, because I wouldn't have to leave my Mac on.

Forgive me, I don't know anything about networking so this may be a dumb question.



Consultant
Jan 20, 2010, 09:20 PM
Does the internet device have ethernet port? If yes you can get a WPA2 compatible router / wireless access point to connect to rest of the network.


Vz router --wireless wpa2-- access point --wire-- internet radio

riker1384
Jan 20, 2010, 09:57 PM
Does the internet device have ethernet port? If yes you can get a WPA2 compatible router / wireless access point to connect to rest of the network.


Vz router --wireless wpa2-- access point --wire-- internet radioNo, the Internet radio doesn't have any ports. It only has a power jack and an audio out jack.

Would I be able to set the Verizon router to use WEP with one device and WPA2 with everything else?

belvdr
Jan 21, 2010, 06:26 AM
Usually only higher end devices support this. What happens is the different SSIDs reside on different VLANs, so you'd have an entirely different IP subent for the WEP encryption.

Doing this on you average home router, unless supported by DD-WRT or OpenWRT, is likely not to occur.

EDIT: Consultant's answer gave me a thought. Get another AP and plug it directly into the Verizon router, if it has some switch ports on it. Then create a separate wireless network that way. Of course, at this point, you've reduced the entire network security, so you might as well degrade the existing network to WEP and call it a day.

riker1384
Jan 21, 2010, 11:59 AM
EDIT: Consultant's answer gave me a thought. Get another AP and plug it directly into the Verizon router, if it has some switch ports on it. Then create a separate wireless network that way. Of course, at this point, you've reduced the entire network security, so you might as well degrade the existing network to WEP and call it a day.Could I plug another wireless router into the Verizon router and set up some sort of firewall so the new wireless network can only access the Internet, and not the other machines in the house?

belvdr
Jan 21, 2010, 12:37 PM
Could I plug another wireless router into the Verizon router and set up some sort of firewall so the new wireless network can only access the Internet, and not the other machines in the house?

I don't believe you could with the equipment you have. What you'd need to do is have the Verizon router filter requests on the new AP blocking them access to your regular LAN.

riker1384
Jan 21, 2010, 01:59 PM
If I just set up a router with 128-bit WEP and MAC address filtering so it only connects to my radio, wouldn't that be safe enough?

belvdr
Jan 21, 2010, 02:06 PM
No. MAC addresses are not part of the encrypted packet. So, anyone can just sniff the MAC and spoof it.

dazey
Jan 21, 2010, 05:04 PM
Agree with the others. The only way to do this is by using two access points that share the network connection but don't allow traffic between the two access points. So a VLAN capable router and two access points. MAC address spoofing is trivial and you can break wep in a matter of minutes if there is traffic on the network.

Consultant
Jan 21, 2010, 06:08 PM
Usually only higher end devices support this. What happens is the different SSIDs reside on different VLANs, so you'd have an entirely different IP subent for the WEP encryption.

Doing this on you average home router, unless supported by DD-WRT or OpenWRT, is likely not to occur.

EDIT: Consultant's answer gave me a thought. Get another AP and plug it directly into the Verizon router, if it has some switch ports on it. Then create a separate wireless network that way. Of course, at this point, you've reduced the entire network security, so you might as well degrade the existing network to WEP and call it a day.

Yeah you can plug in another router.

I plug in my Airport Extreme for N only 5ghz while the verizon router does g.

riker1384
Jan 21, 2010, 08:58 PM
Forgive my ignorance, but if I put up another router with WEP and in a worst case someone breaks it, would that make the other computers vulnerable, or would it just let someone listen to my Internet radio and leech on my Internet access? There's a Linux box, a Mac, a Tivo, and sometimes a Windows netbook.

(I just read that Verizon routers come with WEP by default, so if there was a hacker in the neighborhood they probably would have cracked the neighbors first anyway. I live in a decent neighborhood and can pick up about 4 neighbor's networks, so the odds of living next to a malicious hacker are probably low. The problem is I live with a nerd who is a wanker about security so I wanted to figure things out before I brought it up.)

belvdr
Jan 22, 2010, 07:41 AM
Forgive my ignorance, but if I put up another router with WEP and in a worst case someone breaks it, would that make the other computers vulnerable, or would it just let someone listen to my Internet radio and leech on my Internet access? There's a Linux box, a Mac, a Tivo, and sometimes a Windows netbook.

(I just read that Verizon routers come with WEP by default, so if there was a hacker in the neighborhood they probably would have cracked the neighbors first anyway. I live in a decent neighborhood and can pick up about 4 neighbor's networks, so the odds of living next to a malicious hacker are probably low. The problem is I live with a nerd who is a wanker about security so I wanted to figure things out before I brought it up.)

If you connect another AP to your router, and someone breaks it, they are on your local network.

riker1384
Jan 22, 2010, 09:17 AM
If you connect another AP to your router, and someone breaks it, they are on your local network.I don't know what that means, though. They can use my Internet access, but could they harm any of the computers if they get on the network?

In any case, I was planning on getting an Ipod Nano, and it looks like there are apps that let an Ipod Touch get Internet radio, so I may just go with that and sell this Internet radio I got.

Thanks for the help.

belvdr
Jan 22, 2010, 11:03 AM
I don't know what that means, though. They can use my Internet access, but could they harm any of the computers if they get on the network?

In any case, I was planning on getting an Ipod Nano, and it looks like there are apps that let an Ipod Touch get Internet radio, so I may just go with that and sell this Internet radio I got.

Thanks for the help.

Yes, if they break into the access point with WEP, then it's just as if they are on your other wireless network.

Consultant
Jan 22, 2010, 12:46 PM
See graphic for a suggested set up in this situation.

Me
Router A: G
Router B: N 5ghz only WPA2

You
Router A: WEP
Router B: WPA2

Of course if you REALLY care about security you would have only bought a device with WPA2 security. So, just set routers to strong passwords, and you'll be set. With Router A you can set a bandwidth limit for Router A wifi if you are paranoid.