99% of the war drivers out there are looking for free Internet access, and there are, quite frankly, plenty of wide open networks to choose from without wasting the time to airsnort an encrypted one (and open corporate wireless networks usually have better Internet bandwidth than home nets anyway). If you don't want people using your connection, just turning on WEP is enough. The other 1% out there are either looking for a specific target (probably not you, most likely a corporation), or have voyeuristic tendencies and, just like the other 99%, wouldn't waste time with even a superficially secure network.
Corporate wireless networks on the other hand are a very different story, because they are actively targetted. 802.1x is more appropriate there.
Go read my long post at http://www.mail-archive.com/[EMAIL PROTECTED]/msg06667.html for more information. Excerted from it:
WEP is not as bad as it has been made out to be, *in current implementations*. I have had an AirSnort box running next to one of my APs for well over 9 months now without being able to crack the password. Back in August of last year, I set up a computer on the wireless network that I flood pinged to generate the maximum possible amount of traffic. The AP I was using at the time had the second most recent firmware (the one prior to the weak key mitigation fix). We were able to crack the password in about 3 hours. In real world time and packet load (according to my calculations anyway) this would have taken about *16 BUSINESS DAYS* or >3 weeks. After the firmware update with the weak key avoidance fix, we were unable to crack it after more than 48 hours of continuous flood pinging, which works out to be about *302 BUSINESS DAYS* of normal traffic more or less. This is not counting weekends, where the traffic level would be much lower than normal. The iLabs group at Networld+InterOp (the interoperability testing group from which the InterOp part comes from) confirmed this with their own tests there at the show.
Anyway, my $0.02.
Adam
PS- Still looking for Friganoid the Wardriver
Andrew Jorgensen wrote:
John Noll wrote:
I'm trying to decide if I should go wireless here at home. Right now I have
a Siemens SpeedStream 2-port router (Residential Series Model SS2602). I 'm
thinking of switching to the Netgear MR814 wireless router. The Netgear
router also has a built-in 4-port switch.
My main concern is security. Does anyone know the comparison between the
security features of these two products or where I could go to find reliable
info? Also, the security issues surrounding wireless connections?
There is little "security" in a wireless connection. Some routers only allow certain MAC addresses, but MACs can be spoofed. Some support WEP to varying degrees, but if someone wants to sniff your packets they will and if they sniff enough they can crack the code. That's pretty much it. If you go for wireless do it for the convenience and don't flatter yourself that you'll have privacy.
My personal take is: Who cares? I guess someone could sniff this email, but why would they need to? If I need privacy I'll encrypt it here before I send it.
Buy yourself the wireless router and enjoy it. Of course if you already own a router there's no good reason to buy a wireless router instead af a real access point. An access point will bridge your wireless connections into your existing local network as though they were just on a switch.
____________________
BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________
List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list
____________________
BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________
List Info: http://phantom.byu.edu/cgi-bin/mailman/listinfo/uug-list
