Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

To wep or not to wep. That is the question.

Hugh

Hugh

macrumors 6502a
Original poster
Feb 9, 2003
840
5
Erie, PA
I think I posted this before and I am too lazy to go though all the messages on the board to look for my message.

Right now I have my router to only allow those MAC addresses that I put in. In other words if you can over my house and wanted to use my router I would have to get you MAC address. But it still shows up on the list.

Now is the question, is that enough protection? Can some one watch what I'm doing? Can they see the other MAC addresses and spoof one of them to alow them to use the router?

I'm not too worry if they can watch what I on the internet might fine themselves being bored. :D

Oh I have also heard that if you use WEP it slows your connection down a bit. Is this true?

Thanks! :cool:

Hugh
 
Hugh said:
I think I posted this before and I am too lazy to go though all the messages on the board to look for my message.

Right now I have my router to only allow those MAC addresses that I put in. In other words if you can over my house and wanted to use my router I would have to get you MAC address. But it still shows up on the list.

Now is the question, is that enough protection? Can some one watch what I'm doing? Can they see the other MAC addresses and spoof one of them to alow them to use the router?

I'm not too worry if they can watch what I on the internet might fine themselves being bored. :D

Oh I have also heard that if you use WEP it slows your connection down a bit. Is this true?

Thanks! :cool:

Hugh
Click to expand...

Wep as far as I know does not slow it down. I would suggest using WPA2 if you can with mac filtering for more secure wireless
 
128-bit WEP is what I use - that should protect you against all but the most determined attacks, though WPA is better.

There are a few unprotected networks within range of my house so anyone leeching wireless nearby would use them anyway.
 
Hugh said:
I think I posted this before and I am too lazy to go though all the messages on the board to look for my message.

Right now I have my router to only allow those MAC addresses that I put in. In other words if you can over my house and wanted to use my router I would have to get you MAC address. But it still shows up on the list.

Now is the question, is that enough protection? Can some one watch what I'm doing? Can they see the other MAC addresses and spoof one of them to alow them to use the router?

I'm not too worry if they can watch what I on the internet might fine themselves being bored. :D

Oh I have also heard that if you use WEP it slows your connection down a bit. Is this true?

Thanks! :cool:

Hugh
Click to expand...

Disable broadcasting of the signal and you'll be set with MAC Address filtering. Some people will say otherwise, but I'll tell them good luck trying to get in. If someone wants in that bad they will find a way. Most people will just say the hell with it and find an easier target such as an open network with no security at all.
 
If the best your router can do is WEP, go ahead and enable it. It's not going to slow down your connection. WEP + MAC filtering + hidden SSID is going to stop the majority of people I think, unless they're really determined.
 
Same thing I do...disable the SSID broadcast & use MAC filtering.

Easy to admin & not the easiest to hack into (of course people will get in if they want).
 
If they can get past mac address filtering they can more than certainly get past wep. i find it a pain and it caues stability problems with both my routers. I also recommend turning off the ability to make changes to the router. None of my neighbors do and probably can't figure out why a random letter of their ssid changes each week.
 
Rokem said:
I also recommend turning off the ability to make changes to the router. None of my neighbors do and probably can't figure out why a random letter of their ssid changes each week.
Click to expand...
LOL. :D Definitely have a secure login for your router... but do some actually have the ability to disable settings changes altogether?
 
Lord Blackadder said:
128-bit WEP is what I use - that should protect you against all but the most determined attacks, though WPA is better.

There are a few unprotected networks within range of my house so anyone leeching wireless nearby would use them anyway.
Click to expand...

There are valid differential attacks against WEP, all it takes is sniffing enough traffic w/o LEAP. I'd consider WEP not much more secure than running open. The tools to attack it are built into Kismet, Kismac, etc.

Hugh said:
I think I posted this before and I am too lazy to go though all the messages on the board to look for my message.

Right now I have my router to only allow those MAC addresses that I put in. In other words if you can over my house and wanted to use my router I would have to get you MAC address. But it still shows up on the list.

Now is the question, is that enough protection? Can some one watch what I'm doing? Can they see the other MAC addresses and spoof one of them to alow them to use the router?

I'm not too worry if they can watch what I on the internet might fine themselves being bored. :D

Oh I have also heard that if you use WEP it slows your connection down a bit. Is this true?

Thanks! :cool:

Hugh
Click to expand...

You really want WPA if you want security, so long as you don't use a dictionary word as a key, WPA or WPA2 will secure the network. WEP is subject to differential attacks built-in to cracking tools. Disabling SSID broadcasts likely won't help much either, as you're sending a radio signal in the clear ;)

If the system isn't fast, or the AP sucks, you may see some latency in the encryption, but most folks don't notice at all.

WPA/WPA2 provides security, everything else is at best obscurity. You may still be able to get away with WEP *if* you're using LEAP, but then LEAP has had issues as well- best case you'll limit your attackers to the subset that can download and install tools.
 
compuwar said:
There are valid differential attacks against WEP, all it takes is sniffing enough traffic w/o LEAP. I'd consider WEP not much more secure than running open.
Click to expand...

99% of the people who might want to leech my network have no idea what any of that means. But you are right.
 
Without any kind of security (WEP or WPA), all your data is flying through the air unencrypted - meaning that anyone can packet sniff your data and see what you're doing, what info you're sending, etc. WEP is no longer secure as it can be broken with some work. WPA or WPA2 is your only option if you care about your privacy.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back